One embodiment provides a method, the method including: utilizing at least one processor to execute computer code that performs the steps of: identifying one or more access permissions of an application associated with an electronic device; identifying, based on the access permissions, information accessible to the application; analyzing user information within with the accessible information; determining, based on the analyzing, at least one personal exposure risk; and providing to a user, based on the at least one information exposure risk, at least one proposed solution. Other aspects are described and claimed.