1.22 Ensure 'Import autofill form data from default browser on first run' is set to 'Disabled'

Information

This setting controls whether users are allowed to import autofill data from other browsers into Google Chrome.

If you set this setting to Disabled, users will be unable to perform an import of autofill data during Google Chrome run. This will also prevent users from importing data after Google Chrome has been set up.

The recommended state for this setting is: Disabled (0)

Rationale:

Allowing autofill data to be imported could potentially allow sensitive data such as personally identifiable information (PII) from a non-secured source into Google Chrome. Considering that storage of sensitive data should be handled with care, disabling this setting is recommended.

Impact:

None - This is the default behavior.

Solution

To establish the recommended configuration via Group Policy, set the following UI path to Disabled:

Computer Configuration\Policies\Administrative Templates\Google\Google Chrome\Import autofill form data from default browser on first run

Default Value:

Unset (Same as Disabled, but user can change)

See Also

https://workbench.cisecurity.org/benchmarks/8691

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-8, CSCv7|4.8

Plugin: Windows

Control ID: 2414f5ea855ec22627303c1f520da837e1da3a21d17ba73d2526fb3ea970cedb