There are many ways that hackers have attempted to subvert the advanced security precautions implemented by enterprises and small businesses alike, but some of the more recent and crafty ones include sending threats through seemingly legitimate sources, like social media. The latest in this string of attacks includes Google Docs, and it is problematic for a number of reasons. Read More
- Published: 27 Dec 2019
For the average PC user, the Internet browser is probably the most utilized piece of software other than your OS. Depending on which browser you use, you may decide to download additional software to give you features that you typically don’t have or give you functionality that is all new. Before you use these software add-ons, you should know that there have been several examples of this software working against users. Let’s take a look at how browser extensions work and how you can get better functionality without putting your data at risk.
What Are Browser Extensions?
Essentially, browser extensions are pieces of software that bring external integrations to the functionality of the browser itself. In Chrome and Microsoft Edge, they are called extensions, while in Firefox they are called add-ons. There are all types of options to choose from. There are apps to help with browser security, productivity, communications, and much more.
A problem that many users--business and otherwise--have with these browser extensions is that sometimes they can be vulnerable to infiltration (or they just flat-out spy on you). This presents a situation where, sure you are getting some enhanced productivity, but if the price is that you need to put your data at risk, that boost in productivity won’t help.
Obviously, some browser extensions/add-ons are secure and have major utility for end-users. Ad blockers, screenshot tools, password managers, and instant messaging tools are often deployed through extensions by users to improve the functionality and security of their browsing experience.
Examples of Risks
People have been using these browser extensions for some time. Just this last year, millions of users of Google Chrome, Mozilla Firefox, and Chromium-based browsers such as Opera were victims of rogue extensions/add-ons. These extensions collected people’s data through capturing titles and URLs of the websites they clicked on. This unauthorized data collection included sensitive data such as medical records and credit card information. Then, if that wasn’t bad enough, the collected web histories of these users were published by a paid service called Nacho Analytics.
Google Is Stepping Up
Soon after the news broke, Google went ahead and set a policy that is aimed at improving the security of the extensions available on the Chrome Web Store. They launched a full-scale audit of the system, which they called Project Strobe. The findings of this audit led them to change the policy of third-party extensions. Now extensions will only be able to request access to the minimum amount of user data necessary to function.
The company also announced they will extend the requirements around its privacy policies. The new changes will be implemented throughout the end of 2019 and into 2020. There are currently 180,000 extensions available on the Chrome Web Store. Essentially, the shift is going to make it more difficult for these third-party extensions to grab user information.
Data security has to be a major point of emphasis for any business or organization that relies on information systems to function effectively. Call the IT experts at Compudata today at 1-855-405-8889 to learn more.