Overview
Application Role Grant
The application role grant alert is triggered (as the name implies) when a new application role grant gives an application permission to access data within your tenancy.
- Stop hidden file and email access
- Monitor for changes
- Be proactive
- Review existing grants
- Protect data
Impact
Real world impact
Problems Faced
Ken is browsing the internet and sees a great new feature that promises to help sort out his email faster. Ken clicks next a few times, then an approve button, and that’s it – this external application now has access to read Ken’s emails (and potentially write them, edit files, and perform a range of other functions).
We are hopeful that this application is ‘friendly’; unfortunately, not all of them are. Some of these applications can sit in the background and take complete copies of your data without you even realising.
If a user adds an application, we strongly recommend vetting it – and removing any unwanted or unneeded applications.
Solution
It is critical that new application role grants are identified quickly. An unwanted application can silently read, and potentially even change, your data. This is a major security threat, and once approved, an application will completely bypass Multi-Factor Authentication (MFA).
Without attention, application role grants can remain running indefinitely.
Prevention
What are the main questions you should consider when working out how to manage this risk?
- Do you have any system or solution in place to detect new Application Role Grants?
- If one of your users were to add an Application Role Grant today, would you find out?
- How long do you think it would take you to discover a newly added Application Role Grant?
- Have you ever checked your system for Application Role Grants?
- What would the impact be on your organisation if a user account were compromised with a malicious Application Role Grant for an extended period of time without detection?