For anyone who hasn't come across them, they are typically self-contained applications that display information...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
often pulled from a remote source. Gadgets, for example, can report the latest weather and real-time stock prices. Some also display local or system information, including laptop battery levels and "To Do" lists.
Throughout the rest of this article, I shall refer to all varieties as gadgets.
At this early stage in their evolution, you need to exercise a degree of caution when deciding to install a gadget. As the use of gadgets becomes more widespread, hackers will quickly take advantage of them and use them to attack. I would only install gadgets that you know come from reputable sources or are digitally signed. A digitally signed gadget verifies an author's authenticity.
For system administrators, I would seriously consider whether to allow the use of these gadgets. I haven't yet seen any that provide must-have functionality. Some organizations use them to provide constant updates to employees on enterprise data, such as sales levels or support call waiting times. While this type of gadget certainly offers some benefits, I would want to know whether the gadget displays reliable data, doesn't burden the network and is compliant with e-discovery regulations.
Dig Deeper on Web application and API security best practices
Related Q&A from Michael Cobb
Many users of the file-sharing website Docs.com were unaware that the sensitive data they uploaded was searchable. Expert Michael Cobb explains how ...continue reading
The libpurple library contains a code execution vulnerability that affects the IM clients that were developed using it. Expert Michael Cobb explains ...continue reading
The ReBreakCaptcha exploit can bypass Google's reCAPTCHA verification system using flaws in Google's own API. Expert Michael Cobb explains how the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.