Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
41
Views
0
Helpful
0
Comments

Third-Party Apps Discovery and Control for Google

roipaz
Cisco Employee
Cisco Employee

on ‎02-19-2025 02:52 PM

Third-Party Apps Discovery and Control for Google Workspace, expanding the capabilities beyond the existing support for M365. This feature enables you to identify and manage risks associated with apps, plug-ins, and extensions that have been granted OAuth-based access to Google and M365 tenants, enhancing the ability to secure and control the cloud environments. 

Why is this important? 
This new feature will greatly enhance your ability to manage and secure Google environments. By providing visibility into third-party app connections and highlighting risky access scopes, it empower you to make informed decisions and take proactive steps to mitigate potential security threats. 

What are the risks of OAuth-based integrations? 
OAuth-based integrations, while incredibly useful for enhancing productivity and streamlining workflows, can sometimes pose significant security risks. When third-party apps are granted access to a Google tenant, they often request various permissions or access scopes. These scopes can range from basic read-only access to more sensitive permissions that allow for data modification or administrative control. If not carefully managed, these permissions can expose the organization to data breaches, unauthorized data access, and other security vulnerabilities. 

How does the risk score is calculated? 
All authorization scopes are evaluated and classified as low, mid, or high based on their potential risk. For instance, scopes granting the app access to basic user details are deemed low risk, whereas scopes that permit an app to write and edit data or configuration are considered high risk. Ultimately, the highest risk level is identified as the overall risk for all the access scopes provided. This method ensures you are informed about the most significant risks associated with each third-party app.

How can I access Third-Party Apps Discovery? 
In the Secure Access dashboard navigate to Monitor > Third-Party Apps. 

Can I revoke and block access to a third-party app? 
Yes. Choosing to block the third-party app in the report will revoke all existing authorizations and prevent users from authorizing the app in the future.  
Preventing users from authorizing apps in the future is achieved by scanning for access granted to third-party applications every several minutes. This is necessary because Google does not allow permanent blocking of third-party applications via an API. The frequent scans help revoke authorization for new users.  

Can I unblock app authorization that was blocked? 
Yes, you can remove the block on specific apps, allowing users to authorize the app again. 

Where can I find more information? 
Refer to Secure Access and Umbrella documentation for guidance on using 3rd Party Apps Third Party Apps Report  

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents