Collaboration Security Still a Foreign Word for InfoSec Teams
Perhaps the most rapidly growing type of software in corporate America is workstream collaboration (WSC) apps like Microsoft Teams and Slack. IDC estimates that the collaboration marketplace currently sits at approximately $4B and is projected to grow nearly 70% in the next 3 years. Organizations are using collaboration apps to chat, share documents and schedule meetings, frequently without the safety net of targeted governance or compliance policies. Yet collaboration apps are a double-edged sword. They empower collaboration and communication at scale. However, the openness and simplicity of sharing, coupled with the ease of install by end users, frequently means that IT and InfoSec teams are left in the proverbial digital dust. The collaboration platforms grow quickly out of control, leading to management struggles and large security blind spots. These challenges will require IT teams to consider what measures need to be taken to combat the unique challenges of Microsoft Teams security and other collaboration platforms.
Collaboration Productivity vs Risk Trade-Offs
Numerous recent studies show that 70% (and growing) of the Fortune 500 allow the use of workstream collaboration apps for meetings, chats and calls, as well as to share files and schedule and conduct video conference meetings. In parallel, though, only a small percentage of that growing majority have any sort of written policy for how to use and manage these apps. Of those that do have a policy, even fewer have any tools deployed to manage and enforce those policies. The irony of the current collaboration security situation is that it is not a hidden or unknown phenomenon. Over 90 percent of IT professionals signal that their system to secure collaboration apps is insufficient, and nearly 75 percent of IT believe that Microsoft Teams security and other platform security are among their top 3 biggest security challenges.
How has IT been Outpaced?
So how has IT fallen so far behind? The initial obvious answer is that the Slack and Microsoft Teams marketing machines have driven demand much faster than IT budgets can keep up, leading to Slack and Microsoft Teams security issues. But there are some additional, more calculated explanations that help to shed more light on the IT dilemma.
- Collaboration Apps are Different Than Email: Policies and widgets already exist in email to allow for easy password protection of a document before sending. However, because of the persistent tug of war between ease-of-use and security, such widgets are either disregarded or don’t yet exist for WSC apps.
- Immature Market: Tackling collaboration security is difficult because the WSC market is relatively new; not enough time has passed for official certifications or industry best practices to exist. There is no foundational level of knowledge yet, and no ITIL for collaboration apps. In fact, most IT professionals are just getting started managing Slack, Zoom, or Microsoft Teams security, or are still teaching themselves the basics when it comes to management at scale.
- IT Lacks Needed Visibility: While third-party tools exist to monitor and troubleshoot the email workload, tools to provide IT with analytics and visibility into WSC user interactions are still emerging. Without such tools, and the requisite IT budget to procure them, IT is left with numerous blind spots, having no way of knowing if data exposure or suspicious activity is occurring.
- End User Ignorance: At first glance, WSC apps seem like a place to socialize with ‘chat buddies,’ versus a location which carries risks of data exposure; 62 percent of IT professionals believe that the biggest security threat actually comes from well-meaning but negligent and under-educated end users.
- Video Conference Call Proliferation: As Microsoft Teams, and especially Zoom, grow their market share, and remote work scenarios proliferate, more and more meetings take place via conference calls. The type of information (shared documents, chats, meeting recordings) involved in a video conference interaction which can threaten Zoom or Microsoft Teams security may not be initially obvious to most end users.
- Users and Data are the New Perimeter: Business technologies have become increasingly consumerized, leading to mass adoption. As a result, the traditional IT approach of building a complex high-tech moat to protect against threats no longer suffices: the perimeter no longer exists.
Collaboration Security Bail-Out Checklist for IT
Hopefully by now you’re convinced that WSC proliferation calls for new operational controls and processes to protect your organization’s data. The following list is intended as a set of key operational processes for you to consider, modify, and then implement to help you begin to get ahead of the collaboration tidal wave:
- Understand the surface area of collaboration security: It’s nearly impossible to battle against an unknown enemy. By understanding the issue and vulnerability areas, such as guest access, user on-boarding/off-boarding, 3rd party plug-in apps, etc., you will set up your IT leadership team for planning success.
- Monitor: Rather than just quickly jumping to a fix, IT should first carefully watch what is occurring in the typical multi-platform collaboration environment to understand how end users and guests are using apps such as Teams and Slack. In many cases when data security incidents take place, if IT had had the ability to receive alerts for massive confidential file downloads, or for files or groups that were public facing, they would have at least known this was happening.
- Categorize and classify your collaboration interactions: This process involves the creation of an organization-wide ‘information map’ which identifies data types, data sensitivity, sharing times (when and how often sharing occurs), and, most importantly, identity (sites, departments, geographies and individuals). The map will allow IT to turn data risk and scrutiny into a more visible cartographic experience, upon which a series of policies can be built.
- Create a policy framework that reflects your definition of trust: Review your current security architecture and identify any gaps and sources of vulnerabilities. As you develop your new collaboration policy framework, think about how it can fill those gaps and protect your data stored and shared in your WSC apps.
- Explore Video Conferencing Vulnerabilities: Zoom and Teams offer the ability to set and enforce policies at the account, group, or user level. The list of policies that should be considered for enforcement either before, during or after a meeting is long, but here are a few highlights:
  - Password-Protected Meetings and/or the ability to control participation based on the domain address of the participant.
  - Waiting Room: the ability to both control when a participant joins a meeting, and also to create custom settings that give further control over which participants join the meeting and when.
  - Locked Meeting: the ability to prevent anyone else from joining the meeting, even if they have the meeting ID and password.
  - Identify Guest Participants: the ability to have any participant who is not signed in, or who is signed in from a different email domain, appear in the Participants list with a different background color behind their name.
  - Screen-Share Restrictions: the ability to restrict certain apps from being shared to prevent accidental sharing of confidential information.
- Measure: Compare the risk exposure profile that you see with the pre-defined workstream collaboration policies. Then measure and report on whether any corporate policies are being violated.
- Manage: IT and/or end users can jump into action to either remediate or create a new policy if governance standards are being exceeded. In many cases, proactive systems, either pre-defined workflows or directed AI workflows, can be initiated well before any human touch or intervention is necessary. The Unify Square three M’s of collaboration security management are discussed in more detail in a previous post.
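The two alerts named in the Monitor step (massive confidential file downloads, and files that are public facing), sketched as detection logic over audit events. This is an added example, not part of the original article or any vendor's product; the event schema, action names, threshold and time window are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed audit events: (timestamp, user, action, file, sensitivity label).
# The schema and action names are hypothetical, not a Teams or Slack export format.
EVENTS = [
    ("2024-05-01T09:00:00", "alice", "download", "plan.docx", "confidential"),
    ("2024-05-01T09:02:00", "alice", "download", "payroll.xlsx", "confidential"),
    ("2024-05-01T09:04:00", "alice", "download", "merger.pptx", "confidential"),
    ("2024-05-01T09:05:00", "bob", "download", "plan.docx", "confidential"),
    ("2024-05-01T11:30:00", "bob", "download", "payroll.xlsx", "confidential"),
    ("2024-05-01T11:31:00", "bob", "download", "menu.pdf", "general"),
    ("2024-05-01T12:00:00", "carol", "share_public", "payroll.xlsx", "confidential"),
    ("2024-05-01T12:05:00", "carol", "share_public", "menu.pdf", "general"),
    ("2024-05-01T12:10:00", "carol", "unshare", "menu.pdf", "general"),
]

def bulk_download_alerts(events, threshold=3, window=timedelta(minutes=10)):
    """Map user -> most distinct confidential files downloaded inside one window."""
    per_user = defaultdict(list)
    for ts, user, action, name, label in sorted(events):
        if action == "download" and label == "confidential":
            per_user[user].append((datetime.fromisoformat(ts), name))
    alerts = {}
    for user, hits in per_user.items():
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # slide the window forward past stale downloads
            distinct = len({name for _, name in hits[start:end + 1]})
            if distinct >= threshold:
                alerts[user] = max(alerts.get(user, 0), distinct)
    return alerts

def public_exposure(events):
    """Map file -> label for files whose most recent sharing state is public."""
    exposed = {}
    for ts, user, action, name, label in sorted(events):
        if action == "share_public":
            exposed[name] = label
        elif action == "unshare":
            exposed.pop(name, None)  # a later unshare clears the exposure
    return exposed

if __name__ == "__main__":
    print("bulk downloads:", bulk_download_alerts(EVENTS))
    print("public files:", public_exposure(EVENTS))
```

The same output feeds the Measure step: any non-empty result is a candidate policy violation to report against the written collaboration policy.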
Data Governance Rescue Hope?
If the sudden emergence of WSC apps has caused both end users and IT to become more lackadaisical with the data we share over them, the ultimate collaboration security question then becomes: can IT reassert control before disaster strikes? The collaboration security risks are just as potentially detrimental to a company’s data as the fallout from a successful phishing attack. But there is hope. Third-party, purpose-built software like that offered by Unify Square helps to not only monitor security issues, but also proactively suggest and implement policies, granular controls, and auditing features. Proper oversight can help limit the worst scenarios associated with collaboration apps, and PowerSuite can help IT and InfoSec teams go the final mile by providing the ultimate solution to today’s data governance paradox.