locked
WIP- Google Chrome don't work in enterprise context but has access to corporate data RRS feed

  • Question

  • We are using Intune WIP for Enrolled and BYOD devices. All devices are win10 and up to date.

    Problem is that 3rd party browsers (Chrome, Firefox) don't work in enterprise context, but have access to corporate resources.

    Also, protection polices doesn't work for it (for example we can copy/paste from O365  mail to non managed app if using chrome). For all other apps, everything works as expected (edge, IE, Outlook..). Our goal is having Chrome works in enterprise contexts, and app protection policy apply to it.

    This is setup:

    AppCompat is added as network boundary. Without it, chrome or Firefox can't go to Internet at all.


    Google Chrome is added to protected apps:

    Task manager form managed win10 laptop:


    Friday, April 26, 2019 8:28 AM

All replies

  • Are your WIP settings working for other apps besides 3rd party browsing? (Just to confirm the WIP policies are correctly set up)
    If so, what settings do you have for the cloud resources?

    Have you done a sync on your machine and also a restart, then check task manager and see if its running under your tenant name?

    I have tested it on My Windows 10 1903 using Chrome and it works fine (see the enterprsie context for Chrome isn't personal)


    Monday, April 29, 2019 1:07 AM
  • I hit same error and posted a blog . walk through the settings available in the blog post http://eskonr.com/2017/10/allow-3rd-party-browsers-on-windows-10-devices-that-are-applied-with-windows-information-protection-wip-policies-using-intune/



    Eswar Koneti | Configmgr Blog: http://www.eskonr.com | Linkedin: eskonr | Twitter: @eskonr

    Monday, April 29, 2019 3:33 AM
  • Hi Mario,

    Did you got this fixed ?

    I have the same requirement and the issue. Unable to protect the work documents accessed through Chrome or Firefox

    Monday, June 17, 2019 9:22 AM
  • Hi Nick,

    I have included the all the recommended apps with the boundaries as below. I am able to restrict the work data in EDGE, IE & Outlook but not in thirdparty browser. Please help.

     sabdemo.sharepoint.com|sabdemo-my.sharepoint.com|sabdemo.sharepoint.com|outlook.office365.com|attachments.office.net|/*AppCompat*/

    Monday, June 17, 2019 9:28 AM
  • Hi Eswar,

    The article which you have shared only help us with the internet access on third party browser. I see that the question is to protect the work content accessed through third-party browser. Can you please help here ?

    Monday, June 17, 2019 9:30 AM
  • Hi,

    I think this doc will be helpful:

    https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/wip-learning

    Monday, September 2, 2019 4:42 PM
  • Hi Eswar,

    The article which you have shared only help us with the internet access on third party browser. I see that the question is to protect the work content accessed through third-party browser. Can you please help here ?

    Google chrome or any 3rd party browsers are not enlighten apps.If you want to protect the data in 3rd party apps then you may need to add the browser to protected apps.  have you tried adding app ? https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure

    Eswar Koneti | Configmgr Blog: http://www.eskonr.com | Linkedin: eskonr | Twitter: @eskonr

    Friday, September 6, 2019 1:32 PM