Security risk from installing a third-party Add-in in MS Word
Background: Our procurement team is considering using Pincites to review contracts made with vendors. For Pincites to review the Word document where the contract is written, it needs the procurement team user to install the Pincites Add-in to his/her MS Word. Once added, Pincites will review the contract written and 'redlines' any phrases or terms that is not in line with the contract playbook the procurement team creates.
Question: The contract does not contain any confidential data or terms, so the company is not concerned about an external entity reading the contract. We also understand that the Add-in can also read the contents of a Word document even if it is not a contract. But are there any other risks that we should consider when installing third-party Add-in in the MS Word?
