Why it's important?
Startups use an average of 100 apps on a daily basis, with ecosystems that are becoming more and more integrated: think of apps connected to your GitHub org, Slack workspace and so on…
To be functional, all these apps need to be granted permission to access your users and company data: Drive files, calendars, Gmail inboxes, Github repos… All too often, we give this access without a second thought.
Monitoring third-party apps in an organisation is not an easy task:
- It’s very hard to assess the potential risk of an app and its associated permissions, let alone 100 of them
- At first sync, all apps seem useful and relevant: but in the long term, we accumulate many unused apps that need to be verified and cleansed - the problem is: we forget about them.
As a result startups end up having many open doors to their systems and assets: things can get tricky when the app is malicious, or ends up becoming compromised (and npm learned this the hard way).
elba solution
Whenever an app with sensitive permissions is connected or unused for months, elba notifies the user to give them more visibility on the risk involved and allows them to revoke access in one click.
Enlighten your teams on the scopes they grant to their apps
Stop accumulating access debts with unused apps
Meet your compliance goals with continuous monitoring of 3rd parties