How to know and disallow corporative Google Apps users to access third party apps with their corporative Google Apps accounts?

Question

How can a security administrator of Google Apps for an organization that has linked @organization.com accounts to Google Apps to know and disallow that users use their users@organization.com accounts to register and login to third party apps like for example Security Stackexchange?

The risk is that when a user access an app, a forum or a webapp, using Oauth authentication against Google, the user gives privileges to the authenticated application. For example, reading your Google Drive documents.

I know that you can use Google API or CASB (Cloud Access Security Brokers) applications (expensive) in order to control it but I'm looking other possibilities.

Don't know the answer I'm afraid as I wouldn't recommend Google Apps. However, the UK's Cabinet Office (GDS) supposedly do this, you might try to see if they have published their configuration by searching on the gov.uk website. However, there is anecdotal evidence that suggests it doesn't actually work, at least in their case. — Julian Knight, Jan 23 '16 at 16:05

How to know and disallow corporative Google Apps users to access third party apps with their corporative Google Apps accounts?

0 Answers0