Collaboration App Security

By: Matthew Hammerstone

21, January, 2020

Categories:

cyber security - News -

Organisations no longer consider geographic location of a site, partner, or employee a hindrance. Improved communication and collaboration networks have made coordination between on-site and offsite employees and vendor partners much easier.

With advanced technologies and digital solutions, companies have become much more flexible in the way they perform daily operations. By virtue of better connectivity, communications solutions, and portable devices, companies have expanded their operational networks, allowing employees to bring and connect their own personal devices with the company network under the Bring Your Own Device (BYOD) model. Furthermore, companies have become more open to freelancers and gig workers, who can connect to the company networks remotely to complete their assigned tasks.

Such varied work models are adopted by the companies to make their operations more seamless. To further this objective, companies are now using collaboration tools that allow employees and partners, both onsite and offsite, to collaborate, coordinate and complete tasks, irrespective of their geographical location.

The concept of collaborative tools started with computer systems, which, in 1968, were used as a mode to connect and communicate with different individuals and parties. Development of microcomputers, collaboration software and services has led to today’s communication, collaboration and coordination tools like email, instant messaging, video- and tele-conferencing, online calendars, time trackers and spreadsheets among others.

 

Why are companies using collaborative tools?

Growing use of digital solutions and increasingly changing approaches to work like hiring of freelancers and adoption of BYOD models, have led to expansion of employee teams well beyond the walls of office premises. Employees can no longer be expected to be present at one location at a given time and tasks could not be postponed because of their unavailability at that moment. Instead, companies are turning to collaboration apps and tools to support continuous engagement and conversation between teams. With these apps, departmental and project teams can schedule tasks, delegate responsibilities, share status reports and take timely actions to complete the tasks/projects.

 

How safe are collaborative apps and tools?

Utility of collaborative apps is very high, as these solutions facilitate internal and external communications within the teams and other involved parties. An increasing number of companies see collaborative tools and apps as their primary communication and coordination mode and several business critical processes and information are shared and discussed through these solutions. As a matter of fact, security of information exchanged on these apps is of critical importance and proliferation of these apps is creating new security challenges for the IT teams.

A 2018 report by the cybersecurity firm Perception Point, which surveyed 500 enterprise participants, found that 80% of the respondents use two to ten collaborative apps across their organization1. Moreover, two-third of the respondents highlighted that their companies have suffered an attack at least once in the last 12 months through these apps.

With 80 per cent of the respondents believing that the cloud collaboration tools are highly susceptible to cyberattacks, it has become imperative for the companies and their IT teams to implement a strong security framework to protect the data and information available through these apps.

Hackers can attack these apps through phishing, which is one of the most favoured forms of cyberattacks launched by hackers. Insertion of a malicious link in the conversation thread could prove highly damaging.

Moreover, hackers can extract business critical information very easily if they get their hands on the credentials of a superior or higher level management executive with privileged access or authority. Unlike e-mail, a continuous conversation on chat window of the messaging apps could create pressure on the employee or team member to share the information without verifying the credentials.

 

Security of Collaborative Apps

Data safety protocols for collaborative apps should be taken very seriously. As the risk of  cyberattacks  increases, vendors should incorporate more advanced built-in security features into the tools; however, the companies (clients) using these apps and tools have to take the responsibility of protecting their data and operations by adding a layer of third-party solution that can identify and prevent cyberattacks. Companies/users should also monitor internal traffic for insider threats. Preferably, apps and security solutions with end-to-end encryption and proper industry security certifications like FedRAMP and HIPAA should be adopted. IT teams should enforce policies restricting the types of content that could be shared. This can help in filtering out unwanted, especially malicious links and posts from the conversation thread.

While rules and solutions for improving the safety and security of the data are extremely important, user education and awareness is still key. Companies should go for regular penetration testing across collaboration apps to test their employees’ awareness and conduct during a potential cybersecurity incident to ensure that their employees practise precaution and are well aware of the harmful consequences of a data/privacy breach.

 

References:

https://www.forbes.com/sites/forbestechcouncil/2019/04/03/cybersecurity-chat-the-security-risks-of-popular-collaboration-apps/#51ad02cc3e1d

https://www.forbes.com/sites/forbestechcouncil/2019/08/07/three-reasons-why-collaboration-apps-can-be-a-security-minefield/#52f24b026083

https://www.nojitter.com/digging-team-collaboration-app-security