On July 6, 2017, Google announced a new set of OAuth Security controls, called “OAuth Apps Whitelisting”.
With these new security controls, an admin can:
- Detect third-party apps that are accessing G Suite data
- Allow access to apps that are trusted
- Block unapproved third-party apps that access core G Suite services
Cloudlock has led the OAuth security market for several years with our Applications Firewall and Google’s announcement validates our position that OAuth security has been a critical and severely-neglected area of cloud security.
Cisco commends Google for responding to the recent OAuth Phishing Attack. In addition to sending users emails for newly-installed apps, Google has changed the OAuth prompt behavior to allow for more granular controls.
Google’s new whitelisting capabilities were critically needed by companies needing only broad-brush controls. However, there are a number of OAuth security controls that many organizations still require. Here is a comparison table of Google and Cisco Cloudlock’s OAuth Security capabilities:
In addition, the Cisco Cloudlock Apps Firewall provides a full workflow around sanctioning and/or banning applications. This includes identifying risky applications, notifying administrators and end users, and providing detailed access information to help security admins make intelligent risk-based decisions.
Keep your eye out for new Cloudlock announcements about how to prevent Cloud Malware while continuing to enable productivity.
Interested in learning more? Try our new OAuth Risk Assessment tool and in less than 60 seconds, uncover potential exposure from your connected 3rd party apps.