Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Evaluating the Security of Your Chrome Extensions

Evaluating the Security of Your Chrome Extensions

Google Chrome is currently used by 69 percent of global desktop Internet users, as of July of 2020. With such a large amount of people using Chrome, its security becomes even more important… which makes it all the worse that many people are unaware of the permissions that some of its extensions claim.

Let’s go over how you can review how much of your data these Chrome extensions can access, and how you can adjust these permissions more to your liking.

Fair warning: This will naturally require you to change a few settings, so don’t be afraid to reach out to your IT provider to confirm these changes are okay to make and for assistance in doing so.

What Permissions Have Extensions Been Granted?

Here’s the thing—the extensions that you have installed into the Chrome browser, much like the applications that can be installed on a mobile device, will require some of your browsing data in order to function. Many extensions and applications, however, take claim of far greater permissions than their functionality requires in practice. In fact, a recent analysis of extension permissions shows that over a third of all extensions do this!

Here are a few steps that allow you to evaluate your Chrome extension permissions and help you to avoid granting them too much access in the future.

Step One: Evaluate Your Current Permissions

First, you will want to find out how many of your installed extensions currently ask for too much. To do so, you’ll need to type chrome:extensions into the address bar and go through the Details of each extension that appears on the page.

There, you’ll find a line annotated with Site access. There are various access levels that an extension can have once it is installed, including no access at all. What this means is that your web activity isn’t accessible by the extension at all. The other levels include:

  • On click – This means that an extension can access and alter data in your active tab when you click on the extension’s shortcut.
  • On specific sites – This means that only certain websites allow the extension to access and alter what is presented in the browser.
  • On all sites – This means that there are no restrictions on an extension, allowing it to access and alter data at any time.

Certain types of extensions may need this kind of access, while others will not. It is up to you to determine what access is appropriate for each to need, based on what they use to operate.

Step Two: Adjusting Your Current Permissions

If an extension doesn’t need the level of permissions that it demands, do everything you can to address this by adjusting its settings. If the extension allows this, these permissions can be adjusted by simply selecting your preferred option under Site access. Whenever possible, following a principle of least privilege is the safest bet for your data.

Step Three: Keep Permissions in Mind Moving Forward

Once your extensions’ access permissions are in check, you don’t want to just fall back into your old habits with any new extensions you add. Remember, these extensions prompt you with a brief dialog box explaining its default accessibility settings… pay attention to them. Whenever you activate an extension moving forward you need to be sure to keep these permissions in mind. It may be the difference between installing an extension or finding another option.

Total Tech Care can help you manage all your business technology through our proactive managed services and support. To find out more about our services, reach out to our team by calling 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 25 December 2024
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Efficiency Software Business Google Network Security Microsoft Internet Email Malware Workplace Tips Backup Innovation Data User Tips Computer Mobile Devices Hardware IT Services Android VoIP Disaster Recovery communications Smartphones Communication Business Continuity IT Support Miscellaneous Smartphone Mobile Device Browser Small Business Network Productivity Collaboration Quick Tips Cybersecurity Business Management Users Upgrade Phishing Managed IT Services Windows Outsourced IT Data Backup Ransomware Windows 10 Server Save Money Data Recovery Cloud Computing Office Windows 10 Passwords Chrome Gadgets Virtualization Social Media Tech Term Saving Money Holiday Managed IT Services Microsoft Office Automation Managed Service Operating System Facebook Artificial Intelligence Computers Cybercrime Networking IT Support Hacking Internet of Things Wi-Fi Health BYOD Mobile Device Management Spam Covid-19 Managed Service Provider Office 365 Telephone Systems Alert Information Information Technology Remote Bandwidth Router BDR Social Engineering Mobility Recovery Employer-Employee Relationship Data Breach Applications Remote Monitoring Law Enforcement Big Data App History Mobile Computing Password Money Human Resources Application Encryption Mobile Office Government Blockchain Private Cloud Paperless Office Office Tips How To Training Managed IT VPN Apps Data Storage Patch Management Remote Computing Google Drive Mouse HaaS Servers Avoiding Downtime Data Security Wireless Flexibility Marketing Gmail Bring Your Own Device Data Management Work/Life Balance WiFi Settings Infrastructure Voice over Internet Protocol IT solutions Entertainment Website Vulnerability Budget Windows 7 Two-factor Authentication Word Vendor Safety Social Data Protection HIPAA Sports Managed Services Vendor Management Display Redundancy User Error Keyboard Meetings Employee/Employer Relationship RMM Risk Management Hacker Software as a Service Telephone System Staff Save Time Machine Learning The Internet of Things Lithium-ion battery Connectivity Remote Work Cleaning Firewall Conferencing End of Support Scam USB Virtual Reality Physical Security Education Apple Cryptocurrency Botnet Network Congestion IT Plan Database eWaste Humor PDF Remote Workers Unsupported Software Comparison Proactive IT Processor Charger CES Best Practice Wearable Technology Retail YouTube Hard Drives Compliance Hard Drive Computer Care Business Technology Content Management OneNote Black Market Instant Messaging Robot Current Events Excel Access Control Telephony Samsung Computing Virtual Assistant Biometrics Authentication Virtual Desktop Document Management Solid State Drive Wireless Technology Value Virus How to Downtime DDoS Unified Threat Management Spam Blocking Electronic Medical Records Update Digital Signage Computer Accessories SharePoint Data storage Automobile Hiring/Firing Google Docs Computing Infrastructure Customer Service Identity Theft Going Green Environment Procurement Workplace Strategy Net Neutrality Printer Fax Server Bluetooth Help Desk Printing Augmented Reality Battery Business Intelligence SaaS Fraud Shadow IT Legal Audit Worker Remote Worker IT Management Internet Exlporer IT Consultant Managed Services Provider Batteries Recycling Computer Fan Monitoring Bloatware Rootkit Windows 8.1 Notifications Digitize Wiring Practices Cache Amazon Web Services Workers Tablets Benefits Windows Server 2008 R2 Safe Mode Criminal FENG Customer relationships Entrepreneur Relocation Email Best Practices IBM IT Assessment Manufacturing GDPR Hosted Computing Wireless Internet Flash Shortcut Online Shopping Smart Technology Managed IT Service Consultant Security Cameras File Sharing Video Games Computer Tips Cost Management Software Tips Virtual CIO Social Networking Specifications Supercomputer OneDrive Biometric Security Camera Analytics Worker Commute Inventory Experience Wire Sync Evernote Emails Peripheral Using Data Best Available Scalability Digital Security Cameras Travel Millennials Copiers WIndows 7 5G Printers Business Owner Running Cable Smart Office Wireless Charging Netflix NarrowBand Quick Tip Memory Two Factor Authentication Smartwatch Search Root Cause Analysis Ergonomics HBO iPhone Workforce Knowledge Development Music OLED Virtual Private Network Skype Cables PCI DSS Virtual Machine Fiber Optics Employee Data loss 2FA Nanotechnology Outlook Windows Media Player Files Telecommuting Leadership Messaging Science Troubleshooting User Cabling Project Management PowerPoint Start Menu Cortana Chromecast Policy Hypervisor Loyalty Trend Micro Digital Signature Screen Mirroring Dark mode Frequently Asked Questions Colocation Customer Relationship Management Uninterrupted Power Supply SMS Books Managing Stress Default App Warranty Distributed Denial of Service HVAC Mobile Google Apps Windows 10s Procedure Analyitcs Saving Time Shopping Google Search Cameras Analysis Cast Monitor dark theme Programming Devices Tip of the week webinar AI Emergency IT Infrastructure Administrator Bing Enterprise Content Management Professional Services Public Cloud FinTech Employer Employee Relationship Reputation Assessment Streaming Media Social Network MSP Antivirus Accountants Content Thought Leadership Windows Server 2008 Credit Cards Tech Support Windows 8 Investment Microchip Employee/Employer Relationships Password Management Tools Techology IT service Password Manager Laptop Employees Customers Windows 365 Multi-Factor Security Television ISP Printer Server Audiobook Twitter Video Conferencing Tablet ROI Search Engine Bitcoin Shortcuts NIST Domains Business Mangement Touchpad Sales Point of Sale Trending Public Computer Personal Cryptomining Smart Tech Politics IaaS Addiction Regulations Advertising Maintenance Amazon Supply Chain Management Transportation

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code