Evaluate a G Suite Marketplace app's security

Because G Suite Marketplace apps are developed and offered by third-party developers, install an app only if you trust the app’s developer and vendor. You’re solely responsible for any compromise or loss of data that may result from using a G Suite Marketplace app. For more information, go to the G Suite Marketplace Terms of Service.

G Suite Marketplace app developers must adhere to the G Suite Marketplace's listing requirements, program policies, and Developer Agreement, which requires developers to clearly present the terms under which they offer their services.

How to evaluate a vendor or app

To determine if an app is trustworthy, before you install an app, you can:

  • Read customer reviews and ratings.
  • Read the vendor’s Terms of Service, privacy policy, and deletion policy.
  • If you have any questions, contact the vendor directly.

G Suite Marketplace Security Assessment Program

Under the G Suite Marketplace Security Assessment Program, developers can submit their app to a third-party security firm that performs a security assessment of their app. 

The security assessment includes:

  • External Network Penetration—Identifies potential vulnerabilities in external, internet-facing infrastructure systems
  • Application Penetration—Identifies potential vulnerabilities in applications that access user data
  • Deployment Review—Identifies exploits and vulnerabilities in developer infrastructure
  • Policy and Procedure Review—Examines efficacy of information security policies and procedures

For specific information on what's included in each assessment, go to the Google Cloud Platform Help Center.

After apps are installed

If you already have G Suite Marketplace apps installed for your domain, you can always do the following:

Was this helpful?
How can we improve it?