Cybersecurity locked laptop

A browser extension is a small software module that allows you to customize your browsing experience by adding new features and functionality to your web browser. There are tens of thousands of browser extensions available for download, including point of sale systems, spell checkers, ad blockers, content translators, coupon finders, and a whole lot more.

In order to function correctly, browser extensions need your permission to access certain data. That’s normal. But depending on how the permissions are configured, a browser extension may be able to access a startling amount of information about your browsing habits - including the websites you visit, the content of those pages, the keystrokes you enter, and more.

That’s not to say that every extension is doing those things, but they could, depending on the author’s intentions. In February 2021, for example, Google removed a Chrome extension used by 2 million users after discovering that the plugin was quietly installing malicious code and tracking software on users’ systems.

Some third-party companies use browser extensions to add extra functionality to ezyVet without our authorization. We call these extensions “unofficial” or “unsanctioned” integrations. Using these unofficial integrations at your veterinary practice can introduce all sorts of privacy issues for your business, your staff, and your clients, and may leave you exposed to malicious cyber activity.

How to tell if an ezyVet integration has been authorized

If you’re a practice owner or manager, you need to be confident that the ezyVet integrations you use are safe, secure, and fit for purpose.

The simplest way to verify that an integration has been officially authorized by ezyVet is to check the ezyVet Integrations page.

On the Integrations page, we provide a comprehensive list of every official ezyVet integration, which can be sorted by country, vertical, and name. If you see an integration listed on this page, you can be confident that it is officially sanctioned by ezyVet.

On the other hand, if you’re thinking about installing an integration and you can’t see it listed on the ezyVet Integrations page, there’s a good chance that it’s unofficial and potentially unsafe.

We strongly recommend not installing any unofficial ezyVet integration.

If you do use an unofficial integration, you may see the following warning message when you try to access your ezyVet site:

Unofficial ezyVet integration warning

Data privacy concerns of using unofficial ezyVet integrations

We love working with our integration partners and giving our users the tools to customize ezyVet according to their unique business needs.

However, becoming an integration partner with ezyVet is a formal process. There are established certification systems in place to ensure that an integration is legally sound, users’ privacy is appropriately protected, and all data is handled securely.

Unfortunately, some third-party companies attempt to circumvent the certification process by creating unauthorized workarounds and framing them as legitimate ezyVet integrations. And because unofficial ezyVet integrations are released without our knowledge, analysis, or authorization, there’s a very real risk that they could negatively impact your business.

For example, a rogue extension could be used to scrape sensitive data from your browser, such as your customers’ financial information or your staff’s login details. Or it could be used to drop malware onto your device, which might record your keystrokes, spam you with ads, or lock you out of your system until you pay a hefty ransom.

It’s important to remember that attackers don’t just go after big corporates. Almost 3 in 10 (28%) data breaches involve small businesses, according to the 2020 Verizon Data Breach Investigations Report.

How unofficial ezyVet integrations could impact your practice

Hacker with credit card

A cyber incident at a veterinary practice can be extremely disruptive. Critical medical information may be lost, surgeries may be delayed, and patient health may be jeopardized.

There are also financial consequences to consider. Depending on the extent of the incident, your veterinary clinic may face significant downtime and recovery costs, both of which can eat into your bottom line. If client data is compromised, you may have a legal obligation to disclose the breach, which can cause major reputational damage to your practice. Some experts estimate that 60% of small businesses fold within six months of falling victim to a cyberattack.

Below are four key ways an unofficial ezyVet integration could impact your veterinary practice:

1. Data may be compromised

Whereas ezyVet carefully evaluates the security frameworks of all official integrations, we have limited visibility of the data security practices of unsanctioned integrations. As a result, there is no guarantee that the data collected, stored, and transmitted by an unofficial integration is secure. This could potentially lead to sensitive business data being lost, stolen, damaged, or manipulated.

2. Privacy concerns

There are also significant privacy issues to consider. Most browser extensions work by ‘reading’ the content of your Chrome browser. In theory, an extension should only ever process the specific information it requires to fulfill its designated function, but there is a risk - particularly with unofficial integrations - that additional data is harvested along the way. This data could potentially be sold to third-party advertisers, used for fraudulent purposes, or stored insecurely.

3. No ezyVet support

We pride ourselves on providing the highest level of customer service possible. Unfortunately, we cannot provide support nor take responsibility for any consequences associated with the use of unauthorized ezyVet integrations. This includes issues that could have a significant impact on business performance, such as inaccurate data reconciliations, missing payments, loss of revenue, etc.

4. Risk of malware

Some browser extensions can be outright malicious. While most modern web browsers now have verification systems to weed out potential threats, some malicious extensions do still exist on official repositories like the Chrome Web Store. Malicious browser extensions vary in functionality. For example, some may redirect you to phishing sites, while others may inject ads into your browser or download additional malware onto your system.

If you have further questions about the legitimacy of a specific integration, please feel free to contact the ezyVet support team.