Contact Us Today! 1-844-237-4300

Central Technology Solutions Blog

A Security Briefing on Chrome Extensions

A Security Briefing on Chrome Extensions

Did you know that, as of July 2020, 69 percent of global desktop Internet users utilized Google Chrome as their browser of choice? With such a large market share, the security associated with Google Chrome is important to keep in mind. To help increase some of this awareness, we wanted to talk about Chrome’s many extensions and the permissions they are too often granted, with minimal awareness from the user.

Let’s review what some of these permissions actually mean in terms of the data that these extensions can access, and how you can adjust them to suit your comfort level.

OBLIGATORY DISCLAIMER: This process will involve changing a few of your computer settings, so you should make sure to run these changes past your IT provider for confirmation before you make them. Feel free to ask them for help if it makes you more comfortable.

Evaluating What Permissions Have Been Granted

Just like a mobile device application, a browser extension is going to need some data to function properly. As your extensions operate within the browser, they are going to request your browsing data. However, some extensions (as well as applications) claim to require far more data than their tasks actually need, and request permission to access this excess.

A recent analysis of these permission requests revealed that this problem is present in over a third of all extensions.

So, we wanted to share a few steps to help you evaluate these access permissions so that you can rein back your controls in the future.

Step One: Check Permissions as They Stand

To start, you’ll need to find out which of your currently installed extensions have been given excessive permissions. In your browser, enter chrome:extensions into the address bar and review each extension that appears on the page. Looking through the Details, you’ll find a line labelled Site access.

These access levels describe the level of permissions that the extension has been granted. They include:

  • On click – This means that an extension can access and alter data in your active tab when you click on the extension’s shortcut.
  • On specific sites – This means that only certain websites allow the extension to access and alter what is presented in the browser.       
  • On all sites – This means that there are no restrictions on an extension, allowing it to access and alter data at any time.

Depending on the function of the extension, any one of these site access levels may be appropriate, while some may need no access at all. You will have to judge if the requested access is appropriate.

Step Two: Adjusting Permissions

Uh oh… one of your extensions has been granted far greater permissions than it would ever need. Fortunately, you can usually adjust these settings by selecting the appropriate option under Site access. Make sure you are following the principle of least privilege and minimizing access as much as possible. If an extension asks for too much, reconsider whether or not you need it, and delete it if able.

Three: Stay Cognizant of Permissions

Once you’ve sorted out your current extensions, make sure that you stay diligent whenever installing a new one. Before the installation starts, all extensions will prompt you with a dialog box explaining the permissions it requires. Don’t just click through this box—review the access that the extension is requesting, and judge whether to seek out an alternative.

Central Technology Solutions is here to help you remain proactive in your IT management and maintenance through our fully managed IT services. To learn more about how we can help your business with its technology, give us a call at 1-844-237-4300.

Cybercrime Spiking During the Pandemic
Tip of the Week: Simple Fixes to Common Android Is...

By accepting you will be accessing a service provided by a third-party external to

Join our mailing list!

  • Company Name *
  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Productivity Cloud Data Network Security Privacy Hosted Solutions IT Services Email Data Backup Internet Malware Hackers IT Support Software Efficiency Business Outsourced IT Innovation Microsoft Mobile Devices Hardware Data Recovery Google Productivity Computer Managed IT Services Business Continuity Small Business Smartphone Upgrade IT Support Phishing Collaboration Cloud Computing Cybersecurity User Tips Backup Disaster Recovery Communication Ransomware Mobile Device Business Management Tech Term Workplace Tips Managed IT Services VoIP Managed Service Provider Windows 10 Smartphones Android Managed Service Quick Tips Internet of Things Paperless Office Data Management Social Media communications Network Browser Encryption Remote Monitoring Covid-19 Managed IT Facebook Saving Money Remote Work Windows 10 Artificial Intelligence Office 365 Windows Save Money Server BDR Virtualization Help Desk Users Business Technology Miscellaneous Apps Passwords BYOD Holiday Document Management Wi-Fi Chrome Compliance Risk Management Mobile Device Management Microsoft Office Automation App Government Windows 7 Healthcare Vendor Management Password Health Training Analytics Office Applications Firewall Gmail Content Filtering Recovery Employer-Employee Relationship Unified Threat Management Money Big Data Avoiding Downtime Bring Your Own Device Going Green Blockchain Data Security Robot Bandwidth Laptops Mobility Computers IT Management File Sharing Information Storage Redundancy Mobile Office Apple Tip of the week Scam Files Two-factor Authentication Project Management Antivirus Gadgets Computing Data storage Infrastructure Processor Data loss Vulnerability Information Technology Wireless Telephone Systems Hosted Solution SaaS Website Regulations Settings Machine Learning Hard Drive IoT Tablet Meetings Software as a Service Router Social Company Culture Maintenance Flexibility VPN RMM Customer Service Customer Relationship Management Politics OneDrive Virtual Private Network Work/Life Balance Proactive Unified Communications Budget Virtual Reality WiFi Access Control Employee-Employer Relationship Printing Operating System Downtime Remote Computing IT Service Monitors Search Alert Dark Web Business Growth IT solutions Electronic Medical Records Augmented Reality Word Social Network Electronic Health Records The Internet of Things Mobile Computing How To Samsung Hacker Employees Sports File Management Monitoring Smart Technology Solid State Drive Current Events Recycling Net Neutrality Wireless Technology Legal Payment Cards Chromebook Private Cloud Patch Management Time Management Networking Tech Support Data Storage Utility Computing Consulting Instant Messaging Co-Managed IT Internet Exlporer Data Breach Digital Payment Upgrades Spam Professional Services Managed Services Network Management Websites Identity Theft HIPAA Managed Services Provider Licensing Assessment Cooperation Bitcoin YouTube Twitter Management How To Mobile Security Remote Monitoring and Management Server Management Mouse Display Remote Outlook Administration Remote Worker End of Support Consultation Remote Workers Uninterrupted Power Supply Education Google Drive LiFi Virtual Desktop Proactive Maintenance Digitize Digital Unsupported Software Obstacle Virus Fraud Screen Reader Permission Wasting Time Smart Devices Update Disaster Resistance Banking Mirgation Features Motherboard Google Wallet Geography Authorization ROI Superfish Peripheral GPS Downloads Solid State Drives Credit Cards Cyber Monday technology services provider Mobile Favorites Return on Investment User Error Language Hard Drives Google Docs Fleet Tracking Procurement Teamwork Social Engineering Bluetooth USB Database Management Shadow IT Spyware Mobile Data Course Crowdsourcing Smart Tech Test Database Sensors Proactive IT Reviews Supercomputer Migration Cache Humor Shortcut G Suite History Data Warehousing Drones High-Speed Internet Notes PCI DSS Tracking Operations Star Wars Backups Options Holidays Google Maps Technology Assurance Group ’s 18 Deep Learning Conferencing Marketing Active Directory Dark Data Firefox Personal Information Outsource IT Taxes Computing Infrastructure Asset Tracking Shared resources Windows Server 2008 Safety Cyberattacks GDPR Outsourcing MSP Buisness Voice over Internet Protocol Heating/Cooling IT Consulting IT Budget Technology Tips Chatbots WannaCry Notifications Cabling Microsoft Excel Modem Alt Codes Development Zero-Day Threat PowerPoint Value of Managed Services Multi-Factor Security Wearable Technology 5G IT Distributed Denial of Service Annual Convention Managing Stress Windows Server Laptop Printer Alerts Cryptocurrency OneNote Hacking Black Market eWaste Read Only Video Conferencing Point of Sale Tech Terms Telephone Writing Servers Emoji Comparison Identity Wireless Internet Business Telephone Cybercrime Cookies Typing Cables Backup and Disaster Recovery Network Congestion CRM Google Calendar Hacks Sync Managed IT Service San Diego Best Practice Enterprise Content Management Finance Security Cameras User Management Computer Repair Telephony Remote Working Manufacturing Optimization Disaster Trending Biometric Physical Security Mail Merge Law Enforcement Theft Transportation Mobile VoIP Retail Cortana Technology Laws Public Cloud Specifications Employer/Employee Relationships IT Assessment VoIP 3D Printing Sponsor Travel Permissions Nanotechnology Wires Human Error Virtual Assistant Vendor Touchscreen Techology Botnet Legislation IT Technicians Cost Management E-Commerce Mobile Device Managment Software Tips Break Fix Social Networking Vulnerabilities Authentication Batteries Lenovo SharePoint Staff Windows 8 Connectivity Save Time Hard Disk Drives Virtual Machines Processors Black Friday Roanoke — Central Technology Solutions Enterprise Resource Planning Bookmarks Projects Gamification Office Tips Address Gadget Unified Threat Management Hotspot Identities WPA3 Financial Cyber security Statistics Automobile Computer Care Motion Sickness CCTV Administrator Regulation Relocation Hard Disk Drive Webcam Emergency IT Consultant CrashOverride Error Printers Web Server Cameras Students