Skip to main content

How the Browser Extension Works

What the New Harbor browser extension does, how it scans your apps, and how we protect your privacy.

Written by Kavi Harshawat
Updated over a month ago

Overview

The New Harbor browser extension helps keep your team's apps secure. This article explains what it does and how it works.

What the Extension Does

The extension does three things:

  1. Checks security configuration: We look at how your team's apps are set up—things like whether multi-factor authentication is turned on, what the password rules are, who has access to what, and whether anything is accidentally shared publicly.

  2. Makes it easier to request app access: If you try to visit an app your organization has blocked, we give you a simple way to request access instead of just showing an error.

  3. Helps track which apps your team uses: We help your organization see what apps people are using, which makes it easier to manage software and spot potential security gaps.

How We Scan Your Apps

We try to keep our data up to date without getting in your way.

Scanning Happens Automatically

We check your apps in three ways:

  • When you first sign in: If you log into an app for the first time, we scan it right away to get an initial read on how it's configured.

  • As you browse: When you visit a settings or admin page in one of your connected apps, we scan it in the background. You don't have to do anything.

  • On a schedule: Once a week, we check your connected apps to make sure our data is current.

Sometimes We Need You to Sign In

If your session has expired in an app, we can't scan it until you sign back in. When this happens:

  1. We scan all the apps where you're still signed in.

  2. We save a list of apps that need your login.

  3. You'll get a notification telling you which apps need attention.

  4. When you're ready, sign into those apps and we'll finish the scan automatically.

You're in control of when you sign in—we won't interrupt what you're doing.

What We Look For

We collect security-relevant configuration from your apps—the information your organization needs to understand how apps are set up and who has access to what. Depending on the app, this can include both organization-wide settings and individual account details.

Examples of what we might collect:

  • Security policies: Password requirements, MFA enforcement, session timeouts, external sharing rules

  • Users and access: User lists, roles, permissions, and admin status

  • Resources: Repositories, workspaces, channels, or other structures that help your organization understand what exists and who can access it

The specific data varies by app. We then compare what we find against your organization's security policies to identify gaps or risks.

Your Privacy

We built the extension with privacy in mind:

  • Only your work profile: The extension only runs in your work browser profile. If you have personal or other profiles in Chrome, we can't see anything in those.

  • Focused on work apps: We don't track all your browsing. We focus on apps that are relevant to your organization's security.

  • Configuration, not content: We look at how apps are set up and who has access—not your documents, messages, or files.

How We're Different

A lot of companies use software that installs on your whole computer and can see everything you do. We take a different approach. Our extension only looks at what happens in your work browser profile. That means we can help secure your work apps without seeing anything personal on your device.

Questions?

If you have questions or feedback about the extension, reach out to us at [email protected]. We're happy to help.

Did this answer your question?