– Security teams face threats from third-party applications commonly installed by employees.
– These apps are designed to link to a hub app like Salesforce, Google Workspace, or Microsoft 365.
– The main security concerns arise from the permissions these third-party apps are granted, which potentially increases risk.
Threats Looming from Third-Party Apps
It’s no secret that security teams often feel like they’re playing whack-a-mole with potential threats, especially when they come in the form of third-party applications installed by employees. Perfect analogy, don’t you think? It’s like trying to figure out who ate the last slice of pizza when you live in a house full of teenagers.
Network Connectivity of Third-Party Apps
The inherent function of these third-party applications is to make employees’ lives easier by establishing a sync with ‘hub’ apps such as Salesforce, Microsoft 365, or Google Workspace. It’s kind of like having your trusty sidekick ready to lend a hand whenever you need…always on call, serving up a dose of efficiency.
Security Concerns over Permission Scope
The main concern over these good-intentioned sidekicks, however, comes down to the ability – or ‘permissions’ they’re granted in order to function. It’s like handing over the keys to your home, only to discover your sidekick might be hosting parties while you’re out. This potentially broad permission scope is what alarms security professionals, opening the door to an increased risk profile.
In summary, the article emphasizes the potential security threats that third-party apps pose. While they’re designed to improve productivity by connecting to hub apps like Salesforce, Google Workspace, or Microsoft 365, the broad permission scope they’re usually granted can considerably endanger security, much like a forgetful superhero might unknowingly compromise their secret hideout. It highlights the need for security teams to be vigilant about monitoring and controlling these permissions to protect their secret tech lairs.
Remember, with great power, comes…great responsibility to double-check your app permissions!Original Article: https://thehackernews.com/2023/09/the-rise-of-malicious-app.html