Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Evaluating the Security of Your Chrome Extensions

Evaluating the Security of Your Chrome Extensions

Google Chrome is currently used by 69 percent of global desktop Internet users, as of July of 2020. With such a large amount of people using Chrome, its security becomes even more important… which makes it all the worse that many people are unaware of the permissions that some of its extensions claim.

Let’s go over how you can review how much of your data these Chrome extensions can access, and how you can adjust these permissions more to your liking.

Fair warning: This will naturally require you to change a few settings, so don’t be afraid to reach out to your IT provider to confirm these changes are okay to make and for assistance in doing so.

What Permissions Have Extensions Been Granted?

Here’s the thing—the extensions that you have installed into the Chrome browser, much like the applications that can be installed on a mobile device, will require some of your browsing data in order to function. Many extensions and applications, however, take claim of far greater permissions than their functionality requires in practice. In fact, a recent analysis of extension permissions shows that over a third of all extensions do this!

Here are a few steps that allow you to evaluate your Chrome extension permissions and help you to avoid granting them too much access in the future.

Step One: Evaluate Your Current Permissions

First, you will want to find out how many of your installed extensions currently ask for too much. To do so, you’ll need to type chrome:extensions into the address bar and go through the Details of each extension that appears on the page.

There, you’ll find a line annotated with Site access. There are various access levels that an extension can have once it is installed, including no access at all. What this means is that your web activity isn’t accessible by the extension at all. The other levels include:

  • On click – This means that an extension can access and alter data in your active tab when you click on the extension’s shortcut.
  • On specific sites – This means that only certain websites allow the extension to access and alter what is presented in the browser.
  • On all sites – This means that there are no restrictions on an extension, allowing it to access and alter data at any time.

Certain types of extensions may need this kind of access, while others will not. It is up to you to determine what access is appropriate for each to need, based on what they use to operate.

Step Two: Adjusting Your Current Permissions

If an extension doesn’t need the level of permissions that it demands, do everything you can to address this by adjusting its settings. If the extension allows this, these permissions can be adjusted by simply selecting your preferred option under Site access. Whenever possible, following a principle of least privilege is the safest bet for your data.

Step Three: Keep Permissions in Mind Moving Forward

Once your extensions’ access permissions are in check, you don’t want to just fall back into your old habits with any new extensions you add. Remember, these extensions prompt you with a brief dialog box explaining its default accessibility settings… pay attention to them. Whenever you activate an extension moving forward you need to be sure to keep these permissions in mind. It may be the difference between installing an extension or finding another option.

Total Tech Care can help you manage all your business technology through our proactive managed services and support. To find out more about our services, reach out to our team by calling 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 24 April 2025
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Software Efficiency Google Business Network Security Microsoft Internet Email Malware Backup Workplace Tips Innovation User Tips Data Computer Mobile Devices Hardware IT Services Disaster Recovery Android VoIP communications Communication Business Continuity IT Support Smartphones Miscellaneous Smartphone Mobile Device Small Business Network Browser Collaboration Productivity Cybersecurity Quick Tips Business Management Users Phishing Windows Upgrade Managed IT Services Outsourced IT Ransomware Data Backup Windows 10 Cloud Computing Office Server Save Money Data Recovery Passwords Windows 10 Gadgets Virtualization Social Media Saving Money Holiday Tech Term Chrome Automation Managed Service Microsoft Office Managed IT Services Facebook Computers Artificial Intelligence Cybercrime Operating System Wi-Fi BYOD Health Mobile Device Management Networking IT Support Hacking Internet of Things Alert Information Information Technology Remote Managed Service Provider Spam Office 365 Covid-19 Telephone Systems Recovery Employer-Employee Relationship Bandwidth Router Social Engineering Mobility BDR App History Mobile Computing Password Money Application Human Resources Encryption Applications Data Breach Remote Monitoring Big Data Law Enforcement Office Tips Paperless Office Training How To Managed IT VPN Apps Data Storage Patch Management Remote Computing Mobile Office Government Blockchain Private Cloud Flexibility Wireless Marketing WiFi Bring Your Own Device IT solutions Gmail Data Management Entertainment Website Work/Life Balance Infrastructure Budget Settings Voice over Internet Protocol Two-factor Authentication Vulnerability Windows 7 Word Mouse Google Drive HaaS Servers Avoiding Downtime Data Security Telephone System Staff Software as a Service Save Time Machine Learning The Internet of Things Employee/Employer Relationship Lithium-ion battery Remote Work RMM Connectivity Cleaning USB Firewall Conferencing End of Support Virtual Reality Apple Education Scam Physical Security Safety Social Data Protection HIPAA Sports Redundancy User Error Keyboard Vendor Management Meetings Vendor Managed Services Display Risk Management Hacker Samsung Solid State Drive Wireless Technology Computer Accessories How to Downtime DDoS Hard Drive Value SharePoint Update Data storage Electronic Medical Records Spam Blocking Automobile Printer Computing Bluetooth Google Docs Identity Theft Hiring/Firing Computing Infrastructure Customer Service Environment Going Green Fax Server Digital Signage IT Consultant Augmented Reality Battery Fraud Shadow IT SaaS Business Intelligence Legal Remote Worker Humor Worker Internet Exlporer Procurement Audit Network Congestion Net Neutrality Cryptocurrency IT Management Workplace Strategy eWaste PDF Botnet Help Desk IT Plan Printing Comparison Proactive IT Unsupported Software CES Best Practice Wearable Technology Managed Services Provider Hard Drives Charger YouTube Retail Database Business Technology Instant Messaging Content Management Black Market Robot Access Control Excel Compliance Computer Care Remote Workers Virus OneNote Virtual Assistant Biometrics Current Events Processor Telephony Virtual Desktop Authentication Unified Threat Management Document Management Root Cause Analysis Cables Computer Tips Managed IT Service Security Cameras Managing Stress Biometric Security HBO Knowledge Virtual CIO Music OneDrive Files Peripheral Project Management Skype Nanotechnology Science Telecommuting Cameras Data loss Cortana Digital Security Cameras Chromecast Using Data 5G Outlook Digital Signature Leadership Troubleshooting Copiers Colocation Quick Tip Uninterrupted Power Supply Distributed Denial of Service Warranty Start Menu Customer Relationship Management HVAC Screen Mirroring Analyitcs Google Apps Loyalty Ergonomics Smartwatch OLED Frequently Asked Questions Programming Analysis Books Monitor Development PCI DSS Virtual Machine Administrator Mobile Devices Windows 10s Enterprise Content Management Printer Server Cast 2FA Fiber Optics Employee Messaging Streaming Media Antivirus Cabling MSP Tip of the week Accountants webinar Emergency Reputation Credit Cards Employer Employee Relationship Policy Tech Support Hypervisor Microchip Professional Services Thought Leadership Public Cloud Content Windows 8 Password Management Password Manager Assessment Techology Dark mode Laptop Trend Micro IT service SMS Default App Windows Server 2008 Multi-Factor Security Customers Procedure Saving Time Search Engine Tools Twitter Audiobook Tablet Google Search NIST Business Mangement Television dark theme Touchpad Shopping Domains AI IT Infrastructure Smart Tech Trending Amazon Advertising FinTech IaaS Maintenance Bing Addiction Politics Bloatware Recycling Public Computer Social Network Notifications Investment Wiring Regulations Practices Transportation Tablets Amazon Web Services Rootkit Employees Employee/Employer Relationships Consultant Cache Computer Fan ISP Safe Mode Analytics Entrepreneur Criminal Windows 365 Relocation Video Conferencing ROI GDPR Hosted Computing Workers Benefits Online Shopping Sales Bitcoin Best Available Shortcut Shortcuts Wireless Internet FENG Cryptomining File Sharing Cost Management IBM Video Games Point of Sale Personal WIndows 7 Supply Chain Management Camera Flash Social Networking Inventory Worker Commute Specifications Smart Technology Experience Evernote Monitoring Batteries Wire Software Tips Supercomputer Scalability Windows 8.1 Travel Digitize Running Cable Windows Server 2008 R2 Printers Sync Emails Business Owner Millennials Memory Wireless Charging Customer relationships NarrowBand Smart Office Manufacturing PowerPoint Windows Media Player Search Email Best Practices IT Assessment User iPhone Virtual Private Network Netflix Workforce Two Factor Authentication

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code