Posts

Third Party Apps: The Overlooked Data Risk

/in ,

risks of third-party apps It is easy to overlook the risks of third-party apps. You see a cool app and install it on your phone. You see the prompt asking you for permissions. It is not clear what the app wants to access or why, but you want the app. You click “Grant” or “Allow” and away you go. Some third party now has access to your contacts, you schedule, and maybe even your files. Whether mobile apps, browser extensions, or freemium apps, your user community is installing apps and tools and granting access to your data. And while most apps are harmless and well-behaved, one rogue app can be a disaster.

The Hidden Dangers of Third-Party Apps

Not every app, and not every app provider, is trustworthy.  And since most apps need access to some of your data in order to function, permissions should not be granted without some forethought. Preventing individual users from installing apps and granting permissions, however, is nearly impossible. Most small and midsize organizations have neither the money or resources to micromanage browsers and mobile devices — especially in our BYOD world.

Using third-party apps can come with certain risks, and it’s important to be aware of them before installing and using such applications. Here are some common risks associated with third-party apps:

  1. Security and Malware: Third-party apps may pose security risks as they are not subject to the same level of scrutiny and oversight as apps available on official app stores. Some third-party apps may contain malware, spyware, or other malicious code that can compromise your device’s security and steal personal information.
  2. Data Privacy: Third-party apps may collect and misuse your personal data without your knowledge or consent. These apps may access sensitive information stored on your device, track your online activities, or share your data with third parties for targeted advertising or other purposes. This makes a good case for implementing proper data protection and security measures.
  3. Compatibility and Reliability: Third-party apps may not be as reliable or compatible with your device as apps provided by trusted sources. They may crash frequently, have compatibility issues with your operating system or other apps, or cause other technical problems.
  4. Lack of Updates and Support: Third-party apps may not receive regular updates or support from developers. This can lead to compatibility issues with new operating system versions or security vulnerabilities that go unpatched, leaving your device exposed to potential threats due to outdated technology.
  5. Inadequate User Reviews and Ratings: Unlike official app stores that have stricter review processes, third-party app sources often lack reliable user reviews and ratings. This makes it challenging to assess the quality, safety, and overall user experience of these apps.
  6. Legal and Copyright Issues: Some third-party apps may infringe upon intellectual property rights, such as copyrighted content or trademarks. Installing and using such apps could potentially lead to legal repercussions.

To minimize the risks associated with third-party apps, consider the following precautions

The Best Ways to Safeguard Your Device and Data from Third-Party Risks

Fortunately, for those of us running Google Apps and other cloud services, we have affordable solutions for monitoring and managing third party app access to your data.

Our Recommendation to Shield Your Device from Potential Harm

If you are running Google Apps, we generally recommend BetterCloud Enterprise as our preferred solution for several reasons:

  • The Domain Health and Insight Center provides you with activity reports, alerts, and advanced reporting
  • Bettercloud includes a robust suite of Google Apps admin tools that are not available in the Google Apps Admin Console, including bulk actions, dynamic groups, and a user deprovisioning wizard
  • BetterCloud monitors and lets you manage third party app access to any data within Google Apps, and provides a trust rating to help you determine which applications pose a risk
  • BetterCloud monitors activity in Drive against business rules to ensure compliance with data privacy policies and regulations. BetterCloud will proactively modify permissions and send alerts to prevent accidental or intentional violations.

Additional Ways to Guard Against the Pitfalls of Third-Party Apps

  • Only download apps from trusted sources, such as official app stores or reputable websites.
  • Read reviews and ratings from other users before installing an app.
  • Check the permissions requested by the app and ensure they are necessary for its functionality.
  • Keep your device’s operating system and security software up to date.
  • Use reputable antivirus software to scan apps before installation.
  • Be cautious when granting excessive permissions or sharing sensitive information with apps.
  • Regularly review and remove any unused or suspicious apps from your device.

How Cumulus Can Help Protect You From Third-Party App Risks

While there is a minimum fee for BetterCloud Enterprise, you can try BetterCloud for free for up to 30 days.  If you like what you see, we will waive the setup fees.  If not, you can keep running the Domain Health and Insight Center for free.

 

Beware of Marketplace Apps on the Move

/in ,


Last week, Google announced that the Google Apps Marketplace was open for business to all Google Apps users, not just administrators.

While this move opens up a wide range of personal productivity applications to Google Apps users, it is not without risks.

  • Your users can now commit you to paid apps and services that you may not want as part of your environment.
  • Apps may require permissions to data in your Google Apps environment that needs to be, or you want to be, private and secure.
  • Not all apps are from well-known vendors.

As we have written in the past, third party apps can present a risk to your data and your business.  And while Bring-Your-Own-App (BYOA) can be beneficial to staff efficiency and effectiveness, Google Apps administrators should careful and should understand the security health of the domain.

As such, consider turning off marketplace access to all users.  (Customers with a support plan: Ask us and we will do this for you).

We also recommend that you consider a Google Apps Security Health Check (special offer through Sept 30th) to ensure that Marketplace, mobile, and other third party apps are not already posing a risk.

If your current Google Apps reseller is not providing guidance on best practices, security and other important issues, contact us.  We would love to have you join us as a client.