One of the companies I work for recently informed me that browsing the Intranet using Chrome is not accepted (nor supported) because it "collects data", therefore making it insecure. However, they still allow connections from all versions of Internet Explorer, even the security-hole-ridden and long-since-abandoned-by-MS IE6. Neither of these decisions makes any sense to me.
Is the IT guy making a valid argument? Should I stop using Chrome on the company's Intranet? Is Chrome collecting potentially dangerous information from our Intranet?
Funnily enough, at the other company I work at, all versions of IE are blocked. If Chrome really were a security risk, wouldn't blocking it be the best solution?
NOTE: I'm not looking for ammunition to fight over this issue, I've long since accepted this policy as just the way it is and things aren't likely to change, not even if Bill Gates were to walk into the president's office and say, "you should use Chrome instead of IE because…" (or any number of creative scenarios one could conjure up) they still wouldn't change their policy.
Best Answer
Google disclaims a policy in the Chrome documentation. It essentially says Chrome doesn't gather any data besides what typing into the search field at google.com would provide Google with. While this does constitute a privacy risk, unless your IT blocks all access to Google, the argument doesn't hold water. (And is likely based on jumping to conclusions from skimming sensationalist headlines.)
Chrome and Chromium also collect additional data, the extent of which is mentioned in a blog post by the developers.
That said, I haven't tried watching Chrome with wireshark to verify what is actually sent to Google servers, so trust the above as much as you trust Google to keep their word to begin with.