For anyone who hasn't come across them, they are typically self-contained applications that display information...
often pulled from a remote source. Gadgets, for example, can report the latest weather and real-time stock prices. Some also display local or system information, including laptop battery levels and "To Do" lists.
Throughout the rest of this article, I shall refer to all varieties as gadgets.
At this early stage in their evolution, you need to exercise a degree of caution when deciding to install a gadget. As the use of gadgets becomes more widespread, hackers will quickly take advantage of them and use them to attack. I would only install gadgets that you know come from reputable sources or are digitally signed. A digitally signed gadget verifies an author's authenticity.
For system administrators, I would seriously consider whether to allow the use of these gadgets. I haven't yet seen any that provide must-have functionality. Some organizations use them to provide constant updates to employees on enterprise data, such as sales levels or support call waiting times. While this type of gadget certainly offers some benefits, I would want to know whether the gadget displays reliable data, doesn't burden the network and is compliant with e-discovery regulations.
Dig Deeper on Web application and API security best practices
Related Q&A from Michael Cobb
Researchers developed a tool to help prevent improper certificate pinning that causes security issues. Expert Michael Cobb reviews the issue and the ...continue reading
Google Project Zero discovered a WPAD attack that could target systems running Windows 10. Expert Michael Cobb explains how the attack works and how ...continue reading
App trackers were found in hundreds of Google Play apps. Expert Michael Cobb explains the threat they pose and how GDPR has the potential to reduce ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.