Skip to content
Contact us
  • There are no suggestions because the search field is empty.

User Risk: Browser Extension Settings

Browser extension modes

The User Risk browser extension is an excellent tool for you and your team:

  • For you: insights, visibility, and policy enforcement.
  • For your team: contextually relevant security coaching.

Once the extension is deployed you’ll see new, browser-detected applications, appear in the Applications tab. UpGuard’s User Risk browser extension has multiple modes to choose from. Across all modes:

  • Admins can see browser-sourced data in User Risk.
  • Admins can set policies around apps (approved vs. unapproved).
  • The use of unapproved apps triggers risks.

What differs is how users experience the extension: 

Mode What users experience
Discovery Users cannot see or access the extension. They will not see the extension, nudges, or blocks.

In this mode, users will not know what policies admins have set.
Quiet Users can see and click on the extension to view: their user risk rating, context about unapproved apps, and more.

Users will see an unapproved marker if they’re on an unapproved app or site, but they will not receive nudges or blocks.
Nudge Users can see and click on the extension to view: their user risk rating, information about unapproved apps, and more.

When a user visits an unapproved app, a pop-up opens informing them that they’re accessing an unapproved site. The pop-up provides additional context and guidance: the goal is to direct people to approved apps. The nudge is a warning, but users are able to continue using the app or site.
Block Users can see and click on the extension to view: their user risk rating, information about unapproved apps, and more.

Users are blocked from accessing unapproved apps or sites. The entire webpage is blocked by a message from User Risk providing additional context and guidance directing them to approved apps.

Configuration options

Use default mode, exceptions, and app management to configure User Risk to your team’s needs:
  • Default mode: determines how users experience the extension by default, however you can create exceptions for teams and roles.
  • Exceptions: assign a different extension mode to specific teams or roles. Use exceptions to get granular with how you want the extension to apply to different groups.
  • App management policies: decide if an app is approved or unapproved for everyone or approve apps for specific teams and roles.

Recommended roll-out plan

Your company culture and existing cybersecurity policies impact how we recommend rolling out the extension. Generally though, we strongly recommend beginning by rolling out the extension to your entire workforce in Discovery mode (after your security team has done initial testing). Doing this gives you a strong starting point (i.e. insights you need around SaaS usage), so that you can start thinking about how to manage apps.

Beyond that, we have more tailored suggestions for common use cases:

New and not sure where to start >> Try Discovery mode

This is a very easy way to start learning and thinking about policies before you bring all of your users onboard. The extension will gather data but users won't see it. Crucially, you’ll be able to start developing policy by approving and denying applications so you have a strong foundation in place if/when you decide to make the extension visible to the entire organization.

We recommend creating a Nudge exception for your security team, this will give you firsthand experience of what your users will experience before you roll out the extension further.

Want to give users insight (without providing nudges) >> Try Quiet mode

Quiet mode gives you visibility and gives your users a tool to start building a security-first culture. You’ll give them access to guided coaching that they can access as needed. Similar to our suggestions above, we recommend that your team begins defining policies as you gain insights from User Risk.

Robust cybersecurity policies in place >> Try Nudge or Block modes

If you already have robust cybersecurity policies in place, you can move more quickly to Nudge or Block modes. We recommend doing an initial deployment with your security team (or leveraging Quiet mode) while you approve and deny applications before doing a full launch to all users. This will make things clearer for your team members: the extension’s nudges or blocks will align with the policies they’re already used to.

Update the extension’s mode

UpGuard users with the admin role (or with admin features enabled) can update the extension’s default mode. The default mode applies to all users and teams (except for those with an exception).

  1. Click the settings cog in UpGuard’s top right corner.
  2. Click Browser Extension under User Risk in the left panel.
  3. Click the pencil icon next to the extension’s current mode.
  4. Select the appropriate mode.
  5. Click Save changes.

The default mode will be updaded for all users (apart from those with exceptions) within 3 hours.  

Add, edit, and delete exceptions

UpGuard users with the admin role (or with admin features enabled) can create exceptions that override the extension’s default mode. Individual users cannot change the browser extension’s mode.
  • Exceptions are assigned to teams and roles, they cannot be assigned to individual users.
  • A single team or role can be assigned to one exception.
  • For users whose team and role mode assignments conflict, the most restrictive mode applies.

Create exceptions by assigning a team and/or role to a mode.

  1. Click the setting’s cog in UpGuard’s top right corner.
  2. Click Browser Extension under User Risk in the left panel. 
  3. Scroll to the Exceptions section.
  4. Choose a mode heading. 
  5. To
    1. Create a new exception: click + Add teams and roles.
    2. Edit or remove an exception: click the pencil icon in the top right corner.
  6. Use the Teams and Roles dropdowns to add and remove groups from exceptions by checking or unchecking the box next to the corresponding group.
  7. Click Save changes.
  8. Repeat steps 4-7 for any additional exceptions you need to create, edit, or delete.
Changes will go into effect within 3 hours, at which point users in the corresponding teams and roles will have the newly assigned mode.  

Edit app usage detection settings 

User Risk registers app usage after a designated period of usage. By default, User Risk tracks usage after 1 minute of active usage, but you can change that time period in settings.

  1. Click the setting’s cog in UpGuard’s top right corner.
  2. Click Browser Extension under User Risk in the left panel.
  3. Scroll to the App usage detection section.
  4. Click the Only detect app usage after dropdown.
  5. Select the desired time period.

You will see a message that your changes have saved successfully. Changes will go into affect within 3 hours, at which point app usage is tracked based on the newly selected time setting.