RISKS OF THIRD-PARTY APPS

An app for this, an app for that. It seems in this day and age, there is an “app” for just about anything you want to do or accomplish. We certainly live in an app-filled world. If previous decades were the age of infrastructure, we are now in the age of applications.

Applications are key to business processes and productivity today. Most organizations run on top of an application stack that allows carrying out many key business functions. Now, most organizations are leveraging the public cloud and cloud-based applications for even more powerful collaboration and technology-driven processes.

Software-as-a-Service (SaaS) environments like G Suite and Office 365 are extremely popular among organizations to host business collaboration, file sharing, email and other services. Cloud SaaS environments today contain a large number of third-party apps that can easily be integrated into your environment. While there can be benefits to these third-party applications, let’s talk about the risks of third-party apps you didn’t know about.

WHAT ARE THIRD-PARTY APPS?
First of all, what are the third-party apps we are referring to when thinking about potential risks to your environment? Third-party “apps” are readily available in both Google’s G Suite and Microsoft’s Office 365 environments. There are third-party apps available covering a wide range of functionality for your SaaS users.

An example of available third-party application categories include:

Remote video conference tools
Business Tools
Office applications
Accounting & finance
Administration & management
ERP & Logistics
HR & Legal
Marketing & analytics
Sales & CRM
Creative tools
Web development
Task management
The beauty of third-party apps in regards to cloud SaaS environments like G Suite or Office 365 is that if you have any gaps in the native cloud SaaS tools offered, you can most certainly find a third-party app that provides the functionality you need.

Third-party apps augment the capabilities of SaaS environments with even more robust tooling, features, and capabilities. These applications generally follow the same SaaS license model of a “per user” license. By means of the third-party apps offered in cloud SaaS marketplaces, your organization can have an “ala carte” style menu available to pick and choose the apps to satisfy the business functionality needed.

Below is an example of the G Suite Marketplace where users have an almost unlimited selection of applications to chose from. By default, users can search and install applications using their G Suite user accounts. You can browse by application type, or applications can be found by searching for apps by name.

In today’s mobile-driven world, third-party apps have become a staple of how we interact with services and data. It has also become an extremely important part of the public cloud. Despite the functionality provided by robust third-party apps, they can bring risks to your organization. How is this the case?

RISKS OF THIRD-PARTY APPS YOU PROBABLY DIDN’T THINK ABOUT
Despite their numerous benefits, third-party apps can certainly bring risk to your organization data, compliance, and security. Let’s take a look at the potential risks that are presented by the use of third-party apps in your cloud SaaS environment.

  1. Malware including ransomware
  2. Data-leak concerns
  3. Compliance and regulatory violations

Often, these particular risks of third-party apps go unnoticed by organizations who are making use of cloud SaaS environments. Let’s explore these further and see why and how your organization can give attention to these specific third-party app risks.

Malware including ransomware
There is arguably no greater risk to your business-critical data today than ransomware. Ransomware insidiously and silently encrypts your data so that you can no longer access what is rightfully yours. Once the encryption process has locked you out of your data, a ransom demand appears, demanding payment before access is restored.

While many have incorrectly assumed that ransomware is an on-premises problem only, this can lead to dangerous consequences for data stored in public cloud storage. Many organizations today are migrating business-critical services like email and file storage to cloud SaaS environments. Without an understanding of the risks at play with third-party apps integrating with cloud SaaS, data can easily be affected.

Ransomware can easily propagate to cloud SaaS environments by means of file synchronization as well as malicious third-party apps and browser extensions that gain access to cloud data. New ransomware variants affecting environments today are “cloud-aware” and are able to compromise cloud SaaS environments by means of these malicious applications.

“Ransomcloud” attacks show how easily a malicious application granted permissions in cloud environments can totally compromise your data. As demonstrated in the “ransomcloud” attack, an entire user’s mailbox is encrypted by granting permissions to a seemingly benign application that in all actuality is ransomware in disguise.

This proof of concept demonstrates the dangers of third-party applications that are granted access to your cloud SaaS environments, either intentionally or by accident. Ransomware attacks can propagate by means of a malicious application or even a browser plugin that has the permissions needed to start encrypting your data. How can malicious third-party apps and browser plugins obtain this level of access to your business-critical data stored in G Suite or Office 365 storage?