close
magnifying glass
Get Started
magnifying glass
chevron
Support Language
close
Your Network of Tomorrow
Your Network of Tomorrow
Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.
chevron Get the white paper
            Experience Netskope
            Get Hands-on With the Netskope Platform
            Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            chevron Experience Netskope
              A Leader in SSE. Now a Leader in Single-Vendor SASE.
              Netskope is recognized as a Leader Furthest in Vision for both SSE and SASE Platforms
              2X a Leader in the Gartner® Magic Quadrant for SASE Platforms
              One unified platform built for your journey
              chevron Get the report
                ""
                Netskope One AI Security
                Organizations need secure AI to move their business forward, but controls and guardrails must not require sacrifices in speed or user experience. Netskope can help you say yes to the AI advantage.
                chevron Learn about Netskope One AI Security
                  ""
                  Netskope One AI Security
                  Organizations need secure AI to move their business forward, but controls and guardrails must not require sacrifices in speed or user experience. Netskope can help you say yes to the AI advantage.
                  chevron Learn about Netskope One AI Security
                    Modern data loss prevention (DLP) for Dummies eBook
                    Modern Data Loss Prevention (DLP) for Dummies
                    Get tips and tricks for transitioning to a cloud-delivered DLP.
                    chevron Get the eBook
                      Modern SD-WAN for SASE Dummies Book
                      Modern SD-WAN for SASE Dummies
                      Stop playing catch up with your networking architecture
                      chevron Get the eBook
                        Understanding where the risk lies
                        Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        chevron Watch the demo
                            2025-10-UZTNA-ebook
                            6 Reasons Universal ZTNA is a Smart Escape from VPN and NAC Chaos
                            Ditch the complexity of VPNs and NAC. Learn how Universal ZTNA secures every user and device with one consistent framework.
                            chevron Get the eBook
                              Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                              Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                              chevron Read the case study
                                Netskope GovCloud
                                Netskope achieves FedRAMP High Authorization
                                Choose Netskope GovCloud to accelerate your agency’s transformation.
                                chevron Learn about Netskope GovCloud
                                    Netskope Technical Support
                                    Netskope Technical Support
                                    Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
                                    chevron Technical Support
                                      Netskope video
                                      Netskope Training
                                      Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.
                                      chevron Explore Netskope Training
                                        ""
                                        Maximize your SASE ROI with Netskope Business Value Services
                                        Start proving ROI. Netskope BVS is a complimentary consulting service that quantifies the financial and strategic impact of your SASE transformation.
                                        chevron Request a consultation
                                          Let's do great things together
                                          ""
                                          Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.
                                          chevron Netskope Partners

                                            Are you giving away the keys to your kingdom…unknowingly?

                                            Oct 10 2017
                                            By Ashutosh Thakur
                                            Tags
                                            Data Exfiltration
                                            G Suite Ecosystem
                                            Google Cloud Security
                                            Google Drive Encryption
                                            Google Drive Security
                                            Oauth2.0

                                            On a recent visit to a company highlighted as a shining star of disruptive innovation, the CISO expressed concern about being blindsided by third-party apps connecting to their Google Suite. He was concerned about a proliferation of third-party apps that can, at a click of a button, gain complete control of a user’s data whether that data is personal or corporate information.

                                            The permissions for these third-party apps are granted behind the scenes via OAuth access tokens and the Gdrive Admin may be unaware of a new third-party app that is allowed to not only view but also manage corporate data. Google does provide the capability to allow list certain apps and revoke the tokens, however we have noticed that this capability has some limitations. This is where Netskope provides added value to the G Suite offering.

                                            For G Suite, Netskope lists the third-party apps that are installed in the customer domain using an OAuth 2.0 token. Netskope identifies these apps and describes them using a Netskope Cloud Confidence Index (CCI) score, Google scopes (permissions) required to run those apps, and severity type (High or low severity).

                                            Users can create policies to revoke apps based on specific criteria. Policies may be based on an app ID, scopes used, CCI score, and more. Here are some fine-grained use cases.

                                            1. Revoke app access for either all users or selected users who have installed the app. (i.e allow only certain users to install apps and exclude others from the policy).
                                            2. Allow certain apps for certain users but revoke for everyone else
                                            3. Leverage multiple criteria for revocation policies. For example, revoke based on:
                                              • A selected profile comprising a custom list of Google apps and plugins or upload a .csv file comprising the same.
                                              • 200 different Google scopes (set of resources and operations that an access token permits like view, manage, share, etc.). You have the option to select a single scope or multiple scopes. You can also select All, High Impact, or Low Impact to further filter the scopes shown.
                                                • With this option, you can select apps/plugins based on their Cloud Confidence Index Level (CCL).
                                                • With this option, all connected apps/plugins are selected.

                                            Of course, we wouldn’t want you to be inundated with support cases about not being able to access revoked third-party apps. So Netskope gives you the capability to email users that their app is being revoked.

                                            So keep calm and allow your employees to install these plugins knowing fully well that you have the ability to monitor and control third-party apps and block high-risk apps with unnecessary and irrelevant permissions needed for installation. This should also reduce the risk of being a victim of the next Google phishing attack.

                                            < Platform, Products, & Services
                                            Next Story >
                                            < Back
                                            Next >
                                            author image
                                            Ashutosh Thakur
                                            Browse recent articles by Ashutosh Thakur, one of the contributors at Netskope. Discover the latest trends and updates within the cloud and network space.
                                            Browse recent articles by Ashutosh Thakur, one of the contributors at Netskope. Discover the latest trends and updates within the cloud and network space.
                                            Read More
                                            More Articles by Ashutosh Thakur
                                            Read full Bio
                                            More articles

                                            Related Articles

                                            card shape
                                            Platform, Products, & Services

                                            Risk, Compliance, and Continuity: Reflections From HIMSS 2026

                                            By Kevin Cornejo
                                            chevron Read the blog
                                            card shape
                                            Platform, Products, & Services

                                            An AI Reality Check: Introducing the Netskope AI Index

                                            By Ray Canzanese
                                            chevron Read the blog
                                            card shape
                                            Platform, Products, & Services

                                            Securing Agentic AI Before It Scales Past You

                                            By Melody Nouri
                                            chevron Read the blog
                                            Show More
                                            Connect with Netskope

                                            Subscribe to the Netskope Blog

                                            Sign up to receive a roundup of the latest Netskope content delivered directly in your inbox every month.
                                            Subscribe now