In the Risky-party Apps Audit section, you can scan all applications with access to corporate data within G Suite to identify all possible business risks and G Suite security threats.
The brief summary is provided on your dashboard in the G Suite security dash. To move to the section press the Apps Audit button in the dash or the Apps Audit button in your main menu on the left.
If you have just signed up for a Spinbackup account and the 3rd-party apps are not audited yet, or to renew data, press the Scan Now button at your Dashboard.
In the section, you can see the list of all applications with access to the corporate data.
1 – the computer icon indicates the native app.
2 – the green, red, and orange icons indicate trusted apps, risky apps and apps that may have risk, accordingly.
3 – the ticks indicate applications installed by the Administrator.
4 – the application name.
5 – the number of users with access to it (for apps installed not by administrator).
6 – the function type of the application.
You can sort the list by any of the columns by pressing the corresponding ∨ button. To search for a specific application, use the advanced search bar on the top of the page. To filter the list to view the Risky apps only, the Trusted apps only, or all the apps, press the All filter button.
You can download the 3rd-party Apps Audit report to your local device in Microsoft Excel (.xls) or in Comma-Separated Values (.csv) format by pressing the Download as button.
Applications are marked as Trusted, Risky, and those that May have risk on the base of a score, assigned by the Spinbackup machine algorithm. In this way, Spinbackup saves administrators’ valuable time that they would spend analyzing each application separately.
By pressing on the application name, you can view it in more detail. You can see the access level of the application and the list and description of its possible risks. The section provides information about how many users have access to the application. You can press the number of users to see the list of these users.
Depending on whether the application was downloaded by the route administrator or by other users, different actions can be applied to the application.
Apps downloaded by the administrator can be marked as trusted or marked as risky with automatic addition to the blacklist. Apps downloaded by other users can be marked as trusted or marked as risky, with or without addition to the blacklist. For apps downloaded by other users, the administrator can revoke its access to all or to selected users.
by the administrator
by other users
|Mark as trusted||+||+|
|Mark as risky||+||by default for apps with removed access|
|Add to the blacklist||
by default for apps marked as risky
optional for apps with removed access
|Remove from blacklist||+||+|
(for all users and for selected users)
- To mark an application as trusted so that in the “Apps Audit” section list it has the green “Trusted” icon, open the required application and press the Mark as trusted button.
In a new pop-up window, confirm your choice by pressing Yes.
Now, the application is marked as trusted. In the application details, you can see the notice that a new “Trusted” icon has been assigned to the application, because the app has been marked as trusted by the domain administrator.
- To mark an application installed by administrator as risky, open the required application and press the Mark as risky button.
In a new pop-up window, confirm your choice by pressing Yes. The application will be automatically added to the blacklist.
Please note: The process of manually marking an application as risky works only for applications installed by the administrator. Native applications cannot be marked as risky. Applications installed by other users are marked as risky automatically when the administrator removes its access to all users.
- The Blacklist is the list of applications prohibited to use in the company.
If an employee gives the blacklisted application access to corporate data, Spinbackup will notify administrator about it, so the company no longer should worry about security breaches coming from that source. To view the list of blacklist applications, press the Blacklist button in the “3rd-party Apps Audit” section.
In a new window, you will see the 3rd-party Apps blacklist section. You can remove apps from the blacklist by pressing the Remove button.
- If you switch on the Automated removal of the blacklisted apps function, Spinbackup will automatically remove access to corporate data for the blacklisted apps.
If you add an application to the blacklist, while the “Automated removal of the blacklisted apps” function is switched on, the automated removal will take place during the daily application scan after adding the application to the blacklist.
- To remove access to selected employees, open the required application and press the Has access to … users button.
In a new window, press the checkboxes of the users from whom you want to remove the application access then press the Remove for selected button.
- To remove the application access to all employees, follow the same steps and press the Remove for all button.
Or simply press the Remove access button in the application window.
In a new pop-up window, confirm your choice by pressing Yes. If you want to add the application to the blacklist, press the corresponding checkbox.
Please note: By default, only the route administrator can view and manage the 3rd-party Audit section at Spinbackup. However, you can nominate an additional administrator and give him/her permission to sign into the Spinbackup account. You can revoke this permission at any point. To learn more, read our How to Assign Additional Administrators and Manage Their Access Levels article.
To learn more about the Spinbackup 3rd-party Apps Audit section, watch our 3rd-party Apps Audit (video demo).