search cancel

DLP Extension Not Working in Google Chrome Incognito Mode


Article ID: 173203


Updated On:


Data Loss Prevention Endpoint Prevent


End users can disable the Chrome extension in Incognito Mode. This article describes how to create a Group Policy to prevent End Users from disabling the extension. 


This is by Google Design.


Mac, Windows and Linux


Install and configure Chrome policy templates

Click below for steps for your platform.


For Windows, there are two types of policy templates: an ADM and an ADMX template. Verify which type you can use on your network. The templates show which registry keys you can set to configure Chrome, and what the acceptable values are. Chrome looks at the values set in these registry keys to determine how to act.

Step1: Download Chrome policy templates

The Windows templates, as well as common policy documentation for all operating systems, can be found here:

Zip file of Google Chrome templates and documentation.

Step 2: Open the ADM or ADMX template you downloaded

  1. Navigate to Start > Run: gpedit.msc. (Or run gpedit.msc in your terminal)
  2. Navigate to Local Computer Policy > Computer Configuration > Administrative Templates.
  3. Right-click Administrative Templates, and select Add/Remove Templates.
  4. Add the chrome.adm template via the dialog.
  5. Once complete, a Google / Google Chrome folder will appear under Administrative Templates if it's not already there. If you added the ADM template on Windows 7 or 10, it will appear under Classic Administrative Templates / Google / Google Chrome.

Step 3: Configure policies

 In the Group Policy Editor, open the template you just added and change the configuration settings. The most commonly-modified policies are:

  • Set the home page - The URL that Chrome opens when a user launches the browser or clicks the Home button.
  • Send anonymous usage statistics and crash information - To turn off sending any crash information or anonymous statistics to Google, change this setting to be False.
  • Turn off auto-updates - Although not normally recommended, you can turn off auto-updates.

Apply the policies to the target machines. Depending on your network's configuration, this may require time for the policy to propagate, or you may need to propagate those policies manually via administrator tools.


Chrome policies are described on the Mac in a plist (property list) file. This is found in the Google Chrome Enterprise bundle. To find the plist:

  1. Download Google Chrome Bundle.
  2. Open the bundle.
  3. Find the resources folder.
  4. Find a file called inside.

For setup steps, see Chrome Browser quick start (Mac).


For Linux, Google created a JSON file that you can copy and edit to your needs.

Additional Information

DLP 15.x