Risky Third-party Apps Audit

In the Risky third-party Apps Audit section you can scan all applications with access to corporate data within G Suite, to identify all possible business risks and G Suite security threats.

The brief summary is provided on your dashboard in the G Suite security dash. To move to that section press the Apps Audit dash or the Apps Audit button in your main menu on the left.

If you have just signed up for a Spinbackup account and the 3rd-party apps are not audited yet, or to renew data, press the Scan Now button on your Dashboard.

Spinbackup apps scan now

In that section you can see the list of all applications with access to the corporate data.

Spinbackup 3rd-party apps

1 – the computer icon indicates the native app.

2 – the green, red, and orange icons indicate trusted apps, risky apps and apps that may have risk, accordingly.

3 – the ticks indicate applications installed by the Administrator.

4 – the application name.

5 – the number of users with access to it (for apps installed not by administrator).

6 – the function type of the application.

You can sort the list by any of the columns by pressing the corresponding button. To search for a specific application, use the advanced search bar on the top of the page. To filter the list to view the Risky apps only, the Trusted apps only, or all the apps, press the All filters button.

Spinbackup apps search filter

You can download the 3rd-party Apps Audit report to your local device in Microsoft Excel (.xls) or in Comma-Separated Values (.csv) format by pressing the Download as button.

Spinbackup 3rd party apps download

Applications are marked as Trusted, Risky, and those that May have risk on the base of a score, assigned by the Spinbackup machine algorithm. This way Spinbackup saves administrators’ valuable time, that they would spend analyzing each application separately.

By pressing on the application name, you can view it in more detail. You can see the access level of the application and the list and description of its possible risks. The section provides information about how many users have access to the application. You can press the number of users to see the list of these users.

Spinbackup app details

Depending on whether the application was downloaded by the route administrator or by other users, different actions can be applied to the application.

Apps downloaded by the administrator can be marked as trusted or marked as risky with automatic addition to the blacklist. Apps downloaded by other users can be marked as trusted or marked as risky, with or without addition to the blacklist. For apps downloaded by other users, the administrator can revoke its access to all or to selected users.

Apps installed

by the administrator

Apps installed

by other users

 Mark as trusted + +
 Mark as risky + by default for apps with removed access
 Add to the blacklist  

by default for apps marked as risky


optional for apps with removed access

 Remove from blacklist + +
 Remove access


(for all users and for selected users)

  • To mark an application as trusted so that in the “Apps Audit” section list it has the green “Trusted” icon, open the required application and press the Mark as trusted button.

Spinbackup app mark trusted

In a new pop-up window, confirm your choice by pressing Yes.

Spinbackup app mark trusted yes

Now, the application is marked as trusted. In the application details, you can see the notice that a new “Trusted” icon has been assigned to the application, because the app has been marked as trusted by the domain administrator.

Spinbackup app trusted

  • To mark an application, installed by administrator as risky, open the required application and press the Mark as risky button.

Spinbackup app mark as risky

In a new pop-up window confirm your choice by pressing Yes. The application will be automatically added to the blacklist.

Spinbackup app mark as risky yes

Please note: The process of manually marking an application as risky works only for applications, installed by the administrator. Native applications cannot be marked as risky. Applications installed by other users are marked as risky automatically when the administrator removes its access to all users.

  • The Blacklist is the list of applications prohibited to use in the company.

If an employee gives the blacklisted application access to corporate data, Spinbackup will notify the administrator about it, so the company no longer should worry about security breaches, coming from that source. To view the list of blacklist applications, press the Blacklist button in the “3rd-party Apps Audit” section.

Spinbackup app blacklist

In a new window you will see the 3rd-party Apps blacklist section. You can remove apps from the blacklist by pressing the Remove button.

Spinbackup app blacklist remove

  • If you switch on the Automated removal of the blacklisted apps function, Spinbackup will automatically remove access to corporate data for the blacklisted apps.

If you add an application to the blacklist, while the “Automated removal of the blacklisted apps” function is switched on, the automated removal will take place during the daily application scan after adding the application to the blacklist.

  • To remove access to selected employees, open the required application and press the Has access to … users button.

Spinbackup app users access

In a new window, press the checkboxes of the users, from whom you want to remove the application access then press the Remove for selected button.

Spinbackup app remove access selected

  • To remove the application access to all employees, follow the same steps and press the Remove for all button.

Spinbackup app remove access all

Or simply press the Remove access button in the application window.

Spinbackup app remove access

In a new pop-up window confirm your choice by pressing Yes. If you want to add the application to the blacklist, press the corresponding checkbox.

Spinbackup app remove access blacklist

Please note: By default, only the route administrator can view and manage the 3rd-party Audit section at Spinbackup. However, you can nominate an additional administrator and give him/her permission to sign into the Spinbackup account. You can revoke this permission at any point. To learn more, read our How to Assign Additional Administrators and Manage Their Access Levels article.

To learn more about the Spinbackup 3rd-party Apps Audit section, watch our 3rd-party Apps Audit (video demo).

Discover more on risky third-party apps control in G Suite environment!