Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

The following Chrome extensions have been reviewed by our security office.

Table of Contents
minLevel1
maxLevel6
outlinefalse
styledisc
typelist
printabletrue
Info

If you have questions about a Chrome extension not listed here, please submit a request to the SOM Help Desk for review.

Please include the name and the Chrome Web Store link to the extension.

Approved Chrome Extensions

Prohibited Chrome Extensions

Extension

Reason

Google Docs Offline

  • Collects personally identifiable information (name, address, email address, age, ID number)

  • Collects authentication information (passwords, security questions, PINs)

  • Collects user activity (keystroke logging, network monitoring, mouse position)

Boomerang for Gmail

  • Requires read-write permissions to all of your emails

  • Collects personally identifiable information and email contents

  • Discloses this data to subsidiaries and contractors

  • Tracks your activity across websites

...

Prohibited by the State of Nevada Information Security Committee for all NSHE institutions

...

Grammarly

...

TikTok

...

Power Tools

  • Follows the laws of the Republic of Poland, without regard for any conflict of laws.

  • The user expressly agrees that any such offer of a product or service does not constitute a legal offer capable of attracting legal consequences.

  • Collect personally identifiable information (company, name, address, email address, job title)

  • Collect user activity (IP address, browser logging, cookies, network monitoring)

  • Discloses user data to subsidiaries and contractors.

  • Use third parties to perform services for Ablebits.

  • Makes user content available to other users of the Website

Canned Responses for Jira

  • Canned Responses for Jira has no official privacy policy.

  • The developer claims that user data is not being sold to 3rd parties outside of “approved cases”.

  • The URL link provided for “approved cases” goes to a Google site for chrome developers.

  • The vendor does not define their “approved cases”, thus leaving user data exposed to 3rd parties.

Tactiq

  • No control of what Tactiq will do with the content

  • There is no assurance of privacy or security of the content it processes.

  • There is no assurance that meetings will not have HIPAA information discussed.

Video Speed Controller

  • Privacy policy does not exist, instead the privacy policy URL link goes to a GitHub code repository.

  • There is no assurance that user privacy is protected. Users have reported issues under different environments.

  • There is no user support.

Zotero Connector

  • The Zotero Connector can read and change all user data on websites visited.

  • The Zotero Google Docs plugin can see, edit, create, and delete user Google Docs documents.

  • Zotero updates their privacy policies over time.

  • There is no user notification of changes to their privacy policies, instead up-to-date information and details of new features are located on their privacy page.

  • Zotero’s privacy policy may change at any time and potentially put users at risk, without their knowledge.