Recently Google announced a change to its Google Drive interface, encouraging Google Apps users to connect 3rd party apps to their data in Google Drive. This change will certainly drive users to try new apps in the Google Apps ecosystem, and will make enterprises using the online productivity suite assess which 3rd party apps should be allowed in corporate accounts. In this post, we’ll look at how end-users can connect 3rd party apps to their data, and how companies can decide which apps should be enabled in the corporate domain.
How to Connect 3rd Party Apps to a Google Drive Account
Clicking on an app will bring you to a detailed description along with user ratings:
Once you’ve clicked to connect the app, you’ll see the following:
When a user clicks “Allow access” (and they will), the application will now be linked to their account, letting it:
- View basic information about their account
- View and manage files that they have opened or created with the app
- Manage the user’s contacts
- Perform these operations even when the user is not using the application
Later we’ll get into more on what these permissions mean and how companies can manage which apps can do what within their domains.
Using a 3rd Party App in Google Drive
Let’s take the example of an app called Form+, which allows you to extend the features and design of Google Forms. Once you’ve clicked on the “connect more apps” link in the create menu and found Form+, you’ll see:
After clicking to connect Form+, you’ll be asked to grant the following permissions:
Clicking to allow access will bring you to a secondary permissions page:
Clicking allow access again will bring you to the app, allowing you to create a new form.
Taking a look in Google Drive, you’ll see that Form+ has created a new folder containing a link to the form as well as the spreadsheet containing submitted answers:
Clicking on the file “New Form.form” will redirect you to the form within the Form+ application:
What Connected 3rd Party Apps Mean To Companies Using Google Apps
Enabling Trusted 3rd Party Apps in Google Drive
Now that end-users can decide which 3rd party apps they want to use personally, this can be a huge productivity boost, allowing employees to get their work done in whatever way they see fit. When employees find apps that boost their efficiency, companies may want to roll out these apps company-wide as part of a corporate Approved Application Policy.
CloudLock Apps Firewall is designed to allow users the freedom and flexibility to perform their daily tasks while providing IT with the visibility and control to enforce the Approved Application Policy (AAP).
Control The Information 3rd Party Apps Can Access
Conversely, companies will want to discover, classify, and decide which 3rd party apps should not be allowed access to the corporate domain.
Some examples of cases where a customer needed to revoke an application follow:
- Legitimate Applications That Behave Unexpectedly – We’ve seen a perfectly legitimate productivity application from an established company performing unexpected actions. For example: files that are accessed by the application were shared externally without the user explicitly allowing this action.
- Questionable Apps – We’ve witnessed applications that were granted access to users contacts that sent spam to every employee.
- Well-known Applications That Are Hacked – We have seen instances where a popular and established application has been hacked, putting all users that have given access to the app at risk.
Google’s push to let end-users decide which apps should have access to their data will drive adoption of 3rd party apps. This increase of employee productivity must also be balanced by the need for security of corporate data and accounts.
CloudLock Collaboration Security
See how CloudLock Collaboration Security can help your organization manage sharing policies based on content patterns, keywords and metadata. 7 day free trials are available on the Google Apps Marketplace.
CloudLock Apps Firewall
See how CloudLock Apps Firewall can detect potential risk created when 3rd party apps are authorized by employees and apply mitigating controls.