We just enabled the Inherited Keys tab on the Developer Keys page and had a few questions since we're seeing several keys enabled. Some of these are for vendors we have implemented, and some are not.

Are there any best practices recommended for ensuring a higher degree of security?

If we weren't using these inherited keys before for a vendor that we have installed, would turning off the inherited key prohibit access to the service for any of our users?

Does allowing the inherited keys to remain enabled cause any unintended data to be sent to these vendors?