For anyone who hasn't come across them, they are typically self-contained applications that display information...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
often pulled from a remote source. Gadgets, for example, can report the latest weather and real-time stock prices. Some also display local or system information, including laptop battery levels and "To Do" lists.
Throughout the rest of this article, I shall refer to all varieties as gadgets.
At this early stage in their evolution, you need to exercise a degree of caution when deciding to install a gadget. As the use of gadgets becomes more widespread, hackers will quickly take advantage of them and use them to attack. I would only install gadgets that you know come from reputable sources or are digitally signed. A digitally signed gadget verifies an author's authenticity.
For system administrators, I would seriously consider whether to allow the use of these gadgets. I haven't yet seen any that provide must-have functionality. Some organizations use them to provide constant updates to employees on enterprise data, such as sales levels or support call waiting times. While this type of gadget certainly offers some benefits, I would want to know whether the gadget displays reliable data, doesn't burden the network and is compliant with e-discovery regulations.
Dig Deeper on Web application and API security best practices
Related Q&A from Michael Cobb
Geofencing technology is increasingly being used as a security tactic, such as to control access to servers with DNS settings. Expert Michael Cobb ...continue reading
After a remote code execution flaw in PHPMailer was patched, the problem persisted, and had to be repatched. Expert Michael Cobb explains how the ...continue reading
The same-origin security feature in Adobe Flash Player was implemented incorrectly, allowing local attackers to spy on users. Expert Michael Cobb ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.