Each third-party application installed on your domain requests its own set of permissions that grant it access to aspects of your domain’s data. Using BetterCloud, you can audit all of the applications your end users have installed, as well as the permissions those applications have requested to surface any security risks to your domain.

  • Select whom on your domain you would like to audit or if you would like to audit everyone who may have installed a third-party application
  • Select the criteria for which to surface applications (permissions, access granted, permission score)
  • Select “Leave the App unresolved”
  • Click "Save and Run"

Use Cases

Audit the applications on your Google Apps domain for permissions that require access to your Drive documents, and then revoke those permissions to ensure your Drive is not vulnerable.


Request a Demo

Frequently Asked Questions

What permissions can a third-party app request?

BetterCloud allows you to filter by the following permissions that an app can request: Drive – read/write, Directory – read/write, Email – read/write, Domain – read/write, Account – read/write, Other – read/write.

What should I look for when evaluating a third-party application?

There are several things to check when determining if an app is approved on your domain, such as the vendor’s security certifications and reputation, the application’s reviews and reputation in the Marketplace, and the permissions the app requests. Make sure that based on the functionality the app provides it needs all of the permissions it asks for, and nothing additional.

How can I revoke an application?

BetterCloud allows you to whitelist and blacklist certain applications. Adding an application to the blacklist will revoke its access to your data and prevent users from using the application any longer. Consider letting users know when you do so and why you deemed the app unfit for your domain.

UP NEXT: Automatically Change Sharing Permissions Based on File Content

Help Center - Third-Party Apps Audit

Audit Users Third-Party Applications in Google Apps

Third-Party Apps: 5 Steps to Empowering Your Users While Minimizing Risk

There was a spreadsheet we found through BetterCloud’s Drive Audit that contained the SSN and employee ID of everyone in the company. It made me wonder what else we could be missing.

Will Hume
Systems Engineer @ Columbia Association | Read the case study