Increase security with site isolation
When you turn on site isolation, Chrome offers more security protections for your browser. Chrome
will load each website in its own process. So, even if a site bypasses the same-origin policy, the extra
security will help stop the site from stealing your data from another website.
1. On your computer, open Chrome.
2. In the address bar at the top, enter chrome://flags/#enable-site-per-process and
press Enter.
3. Next to "Strict site isolation," click Enable.
 If you don't see "Strict site isolation," update Chrome.
4. Click Relaunch now.
Manage site isolation
Google’s site isolation feature improves security for Chrome browser users. When you enable site
isolation, content for each open website in the Chrome browser is always rendered in a dedicated
process, isolated from other sites. Adding site isolation creates an additional security boundary between
websites.
Before you begin

Configuring site isolation for all websites gives you the strongest security. However, it will increase
memory usage by approximately 10% on computers that use Chrome.

If you choose to deploy the site isolation feature, Google recommends you use Chrome policy
templates and not the command-line flag.

For Microsoft® Windows® deployments, you need to download and install the latest administrative
templates on your domain controller.

Any changes to your site isolation policy won't take effect until Chrome is restarted.
Turn on site isolation for all websites
When you turn on site isolation for all websites, every site runs in a dedicated rendering process and
all sites are isolated from each other.
To test site isolation for all websites locally before you deploy it to your organization, use
the command line flag:
--site-per-process
To turn on site isolation for all websites for your entire organization, enable the
and deploy the updated policy settings to your Chrome devices.
SitePerProcess policy
Turn on site isolation for specific websites
You can create a specific list of websites that you want to isolate. Each entry on the list will run in a
dedicated rendering process. You can include sites that users sign in to as well as other sites that
contain sensitive information, such as productivity sites or intranet sites.
To test your configuration locally before you deploy it to your organization, use the command
flag to specify a list of website that you want to isolate. For example:
line
--isolate-origins=https://example.com,https://subdomain.example.org
To turn on site isolation for a specific list of websites for your entire organization, configure
the IsolateOrigins policy and deploy the updated policy settings to your Chrome devices.
Turn on site isolation from the Admin Console
Use the Google Admin console to configure site isolation for Chrome OS users and anyone who uses
cloud policies on Chrome.
1. Sign in to your Google Admin console.
Sign in using an administrator account, not your current account abhigyan17@gmail.com
2. From the Admin console Home page, go to Device management.
To see Device management, you might have to click More controls at the bottom.
3. On the left, click Chrome management.
4. Click User settings.
5. (Optional) To apply the settings to an organization:
1. On the left, select the organization.
2. Make sure Managed Chrome Browser is turned on for this organization.
Learn more about the organizational structure.
6. Go to the Site Isolation section.
7. If you want to turn on site isolation for all websites:
1. Select Turn on site isolation for all websites (SitePerProcess).
2. (Optional) Enter additional origins, separated by commas, that you want to isolate from their
respective websites. For example, enter https://login.example.com to keep it isolated from the
rest of https://example.com.
8. If you want to isolate specific websites:
1. Select Turn on site isolation for specific websites, set below (IsolateOrigins).
2. Enter a list of websites and origins, separated by commas, that you want to isolate.
9. At the bottom, click Save.
Settings typically take effect in minutes, but can take up to an hour to apply for everyone.