For anyone who hasn't come across them, they are typically self-contained applications that display information...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
often pulled from a remote source. Gadgets, for example, can report the latest weather and real-time stock prices. Some also display local or system information, including laptop battery levels and "To Do" lists.
Throughout the rest of this article, I shall refer to all varieties as gadgets.
At this early stage in their evolution, you need to exercise a degree of caution when deciding to install a gadget. As the use of gadgets becomes more widespread, hackers will quickly take advantage of them and use them to attack. I would only install gadgets that you know come from reputable sources or are digitally signed. A digitally signed gadget verifies an author's authenticity.
For system administrators, I would seriously consider whether to allow the use of these gadgets. I haven't yet seen any that provide must-have functionality. Some organizations use them to provide constant updates to employees on enterprise data, such as sales levels or support call waiting times. While this type of gadget certainly offers some benefits, I would want to know whether the gadget displays reliable data, doesn't burden the network and is compliant with e-discovery regulations.
Dig Deeper on Web application and API security best practices
Related Q&A from Michael Cobb
A flaw in the open source graphics library libpng enabling denial-of-service attacks was discovered. Expert Michael Cobb explains how the ...continue reading
Flaws in the Apple Notify function and iTunes can enable attackers to inject malicious script into the application side. Expert Michael Cobb explains...continue reading
Facebook's Delegated Recovery aims to replace knowledge-based authentication with third-party account verification. Expert Michael Cobb explains how ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.