Great content delivered right to your mailbox

Thank you! Check your inbox for our monthly recap!

These days, there’s so much existing software that helps us do our jobs and live our lives that it’s incredibly overwhelming. Every day we learn about something new that can improve our workflow, time management, and more. But how do we know what’s really useful and what’s just trouble in disguise? How do we make sure shiny new third party apps won’t cause more problems than benefits?


Learn how Office Protect helps keep your Microsoft 365 tenants safe with our e-book


Third-party apps vs. native apps

One of the main security risks with this new software is third-party applications. But what are those exactly? By definition, a third-party application is an app that is not created by the manufacturer of a device.

This is different from a native app, which is developed by the manufacturer. So if Apple develops an app for the iPhone, it is a native app. If someone else develops an app that runs on iPhone, it is a third-party app. Same for Facebook – apps that are not developed by Facebook are considered third-party, and will often ask your permission to access your Facebook data. You may have encountered this when trying to take a Facebook quiz or play a game.


Under the umbrella of third-party apps, there are three types:

  1. Applications created for official online app stores (like Microsoft AppSource or Google Play)

These applications follow fairly strict criteria for development and publishing and are often vetted for issues like malware.

  1. Applications offered through unofficial websites

These apps are usually offered via websites not affiliated with the manufacturer of the device. They are not vetted by manufacturers.

  1. Applications which connect with another service

This type of application is not downloaded. Instead, it piggybacks off another installed app and asks for permission to access the information you’ve given to the other app. A good example of this is the Facebook quiz mentioned earlier.


The risk of third-party apps

As might be evident from the descriptions, there are varying levels of threats associated with each type of third-party app. The official app stores pose the least amount of danger due to their development criteria and vetting process, but no store can guarantee that all applications sold there are safe. It only takes one bad apple to compromise your data.

Unofficial third-party app stores may sell good apps, but they are more likely to have applications infected with malware. They can also sell what appears to be common, safe apps at lower prices than the official store. However, these apps can have ransomware or adware injected into their code that you cannot see.

The risk of the third type of app that connects with another service isn’t malware. But when used, you’ve permitted it to view sensitive data from that point forward. So long after you’ve taken that quiz, the company is still mining your profile for potentially sensitive data.


The risk for your business

As you can see, the biggest problem with third-party apps is ambiguity. You don’t honestly know if an app is malicious or helpful at first glance. It takes much research and time to determine if an app is coded with malware, even if you are an IT professional. For someone without IT experience, it takes even more research and time.


What happens if a malicious app slips through?

What if someone doesn’t do their due diligence, and a malicious third-party app downloads onto your network? What kind of malware could make its way into your system, and what trouble could it cause? It could be any number of things, but here are a few examples.

  • Ransomware – This attack extorts money from you to access your system.
  • Spyware – A program that runs in the background, slowly extracting your valuable data over time.
  • Outbound Spam (LINK) – It triggers a code to send thousands of spam emails from your account in a second, causing the loss of your reputation and clientele.


Not worth the risk

As the keeper of your businesses’ data, you can’t afford to rely on your employees taking steps to ensure that any third-party app they download is safe. Just one mistake could cost you your data, reputation, clients, and more. So the safest thing to do is to ban third-party apps altogether. But how can you do that?


What do we mean by a third-party integration for Microsoft 365?*

Now, there may be some confusion about what me mean when we say “third party integration”, so let’s clear that up right now. We’re talking about any software developed by non-Microsoft sources, and which requires permissions/access to any information that’s in your Microsoft 365 tenant.

For example, say a user likes Salesforce and wants to integrate Salesforce Lightning with their Outlook (so that they can look at their contacts, leads, and accounts associated with their emails without leaving Outlook), this is an example of a third party integration since the app is made by Salesforce.


Office Protect

Office Protect is here to help. With the setting “Do Not Allow Third-Party Integrated Applications,” you can make sure no employees are integrating third-party apps into Microsoft 365.

For example, when this setting is in effect, an end user without administrator privileges would not be able to integrate Salesforce Lightning to their Outlook.


How to turn on the setting

To enact this feature, just access the settings from your Office Protect “Set” page. Go to the setting, and then flip the toggle switch to “on.” You will see the security impact (high) and the user impact (medium).


Exceptions to the rule

You may be concerned that some users may go through the correct vetting process and could utilize third-party apps to do their job better. If that’s the case, no problem. Even if this setting is enabled, anyone with admin privileges can download third-party apps. You could give these users admin privileges. Or, you might allow anyone that wants to download a third-party app submit a request to your IT department or someone you trust to do the right research. You’ll be covered no matter what your needs are.

As you can see, there truly is no downside to enacting this great setting (and more) that you can get with Office Protect. Contact your Sherweb representative today to learn about how this product can help your business. Do remember that Office Protect is one layer of an efficient security offering, and it is very specific to raising the essential security of your Microsoft 365 tenants. If you want something that prevent a user from putting potentially malicious apps on your network, you’re looking for endpoint protection. Sherweb has you covered there too!


*A correction was made to the article on November 26.

Written by The Sherweb Team Collaborators @ Sherweb

As a value-added cloud solutions provider, Sherweb is dedicated to providing more for its partners, direct customers and extended network. The Sherweb Blog is just one example of how we make this happen, and our team members frequently collaborate on content to ensure it's as beneficial as possible for our readers. If you like what you see here, we strongly encourage you to subscribe!