This Familiar Pop-up Could Be Hiding a Nasty Surprise | Y-Not Tech Services – Lethbridge, AB IT Support Business

by

This Familiar Pop-up Could Be Hiding a Nasty Surprise | Y-Not Tech Services - Lethbridge, AB IT Support BusinessThis Familiar Pop-up Could Be Hiding a Nasty Surprise

If your business uses Microsoft 365 applications, you or your employees may have encountered a pop-up window requesting permission to access various account data.

In this article, we’ll cover choosing the safest option next time you encounter this pop-up.

What Is the “Permissions Requested” Pop-up?

This innocuous-looking window pops up from time to time within programs such as Outlook, Teams, SharePoint, and others. It prompts users to grant a specific app or add-in permission to access parts of their Microsoft account.

Users are quick to press the Accept button to remove the pop-up; however, as with any unsolicited request, caution is key, especially considering the sensitive nature of the business data in your Microsoft 365 account.

Understanding the Dangers of Overly Broad Access

At first glance, a request for permission may seem minor or necessary to use a certain program feature, but have you considered what exactly you may be granting access to? And more importantly, WHO are you granting it to?

You could be granting a third-party the ability to:

  • access all files within your account, both reading and writing;
  • read all of your emails and send emails as you;
  • read and modify any calendar you have access to;
  • read all of your contacts;
  • read Teams chat messages;
  • read all full user profiles within Microsoft 365;
  • and much more.

By approving these requests without understanding, you could unwittingly hand over control of your entire Microsoft environment and any contained data to an unknown third party. They would have ongoing access, potentially even after the app is removed.

Legitimate Uses

Certain apps and add-ins within Microsoft 365 do have legitimate integration needs. For example, your job scheduling CRM may require calendar and email access.

A project management tool allowing teams to collaborate directly within SharePoint may also need permission to upload files on behalf of users.

In these cases, granting an appropriate amount of permission makes sense.

What to Look For in a “Permissions Requested” Pop-Up

The key is to carefully review the proposed permissions for all external apps and add-ins, and understand precisely what access is required.

For example, reviewing the name of the requesting app or add-in can help determine if it’s something your company has purposefully installed or a potentially suspicious third-party program. If it says “Unverified” or “This app may be risky,” it might be best to press the Cancel button for now.

Check which specific permissions are being asked for. Does it make sense for a graph-making add-in to ask for full access to your emails and their contents? Probably not.

Checking with Your IT Team

If any aspect of the request seems ambiguous, vague, or overly broad in scope, it’s always best to approve it only once it can be validated by your company’s IT staff or managed service provider.

Their oversight helps ensure all access to Microsoft 365 data aligns with approved usage policies and does not inadvertently enable unauthorized or unintended access that could pose future risks. Even if it requires delaying approval, taking these extra precautions is well worth it to help maintain a secure environment.

After all, it’s much easier for your IT staff to investigate before sensitive data is exposed than to deal with potential security issues or breaches later.

If you have any questions or are concerned that you may have given an App too much access in the past, reach out to book an appointment with us.

 

Book an Appointment

Testimonials

  • Tony is knowledgeable, friendly and efficient. Read More
    Bruce W.
  • Tony was great to do business with. He knew exactly what needed to be done even with the little amount of information I had about the project!!! Competitive pricing I will definitely call him again!! Read More
    Graham F.
  • Very friendly, personable and present when explaining what is going on with the computer, appreciated a good dialogue and helpfulness you provided! Read More
    Darlene B.
    Lethbridge, AB
  • Tony is the best IT computer guy I have ever used, he has fixed problems the big guys said I had to buy a new computer for and then I got him to set up internet stuff for the house...again awesome and someone I trust. (from google.com) Read More
    David Duggan
  • Y-Not Tech Services is a excellent tech company that answers all your questions regarding computer problems. Tony is completely honest in explaining options to deal with the problem, and then recommends the best option to use. His advice is based on not just his own consensus, but as well checks with other techs in his... Read More
    Derrick Boyko
    Coaldale, AB
  • Tony walked in to drop off a business card and when he walked out. 3 issues I had on my computer were gone and I had a new anti virus. Phenomenal service I would recommend him to anyone ! (from facebook.com/ynottechservices) Read More
    Ryan Brigham
    Big Al's Music and Games in Lethbridge, AB
  • I trust my tech guy! ... (it's Tony) best option if you don't watch your scans and security. Read More
    Kehly Rath
  • Will recommend to anybody. He is darn good. Read More
    Shima Raj
  • He is fast to respond and has always been able to walk me through any problem I have. I always rely on Tony for my tech needs. Read More
    Heather Arstall
  • Will always recommend the best product or service to fit your unique needs. Read More
    Bev Trahan
Get Your Free Ebook

FOLLOW US

Book an Appointment with us!

Book an Appointment