How to Enable Strict Site Isolation in Chrome

How to Enable Strict Site Isolation in Chrome

One way to increase security in the Google Chrome web browser is to enable strict site isolation, which causes each page renderer process to contain pages from only a single site at a time, effectively placing them in a per-site sandbox. Theoretically this could help to mitigate against certain security risks, like those posed by threats, but it should not be considered a replacement for simply keeping the Chrome web browser up to date with latest versions which often include various security patches. Strict site isolation is considered a highly experimental security mode, and while its easy to turn on in Google Chrome it is not without some potential drawbacks, mostly related to resource usage. You can enable Strict Site Isolation in Google Chrome for Mac OS, Windows, Linux, Chrome OS, and Android. Heres how: Once Chrome relaunches the Site Isolation feature will be enabled, and each unique website should be placed into its own Chrome process sandbox. The explanation of Strict Site Isolation offered in the Chrome settings is as follows: However, a much more detailed explanation of Site Isolation is outlined as follows: Site Isolation is an experimental security feature in Chrome that offers additional protection against some types of security bugs. It makes it harder for untrusted websites to access or steal information from your accounts on other websites. Websites typically cannot access each others data inside the browser, thanks to code that enforces the Same Origin Policy. Occasionally, security bugs are found in this code and malicious websites may try to bypass these rules to attack other websites. The Chrome team aims to fix such bugs as quickly as possible. Site Isolation offers a second line of defense to make such attacks less likely to succeed. It ensures that pages from different websites are always put into different processes, each running in a sandbox that limits what the process is allowed to do. It also blocks the process from receiving certain types of sensitive documents from other sites. As a result, a malicious website will find it more difficult to steal data from other sites, even if it can break some of the rules in its own process. Perhaps the most notable drawback is that enabling this feature can lead to increased memory and resource usage by Chrome, particularly if you use and maintain a lot of tabs and windows opened concurrently. Because its experimental, there could be some other issues with the feature, but in testing with several dozen unique tabs open, the most notable difference is simply an increase in memory usage of various Chrome Helper tasks. Chrome acknowledges that certain developer tools wont function as expected as well, but that should impact fewer casual users. If interested, you can read more about Site Isolation in Chrome by reviewing , and you can if youre interested in some other interesting features and capabilities of the cross-platform web browser. Whether you enable Site Isolation in Chrome or not, for optimal security dont forget to regularly update your web browser software when updates become available.