© 2020 Content Security Pty Ltd.

collaboration tools

Collaboration tools facilitate greater efficiency, but at what cost?

The sudden and global work from home directive led to massive growth in online collaboration tools and cloud storage services in 2020. The rapid uptake and expanded use of these tools meant that some IT and security teams were unable to sufficiently secure their businesses from the onslaught of cloud-related cyberthreats. With the hybrid workplace still lingering into 2021(and perhaps beyond), security teams should take special care to cover all the bases.

Remote collaboration tools skyrocketing in growth

2020 was the year that redefined, or perhaps solidified enterprise communication and collaboration (EC&C) apps as a critical asset. These inherently convenient tools have supported enhanced online communication and streamlined productivity in a time where strict limits have been imposed on human-to-human interaction. They have completely transformed the workplace dynamic, affording staff enhanced sharing capabilities, accessibility and productivity gains, alongside an unparalleled ease of use.

Collaboration services saw an increase of 600%, with education, government and financial services experiencing dramatic shifts in usage

Nearly 80% of organisations are using somewhere between 2 to 10 collaboration and cloud applications. [1] Growth in these applications was to be expected in today’s cloud-era, but the statistics are much higher than forecasted due to the pandemic:
  • According to research, Zooms experienced a 378% year over year growth, Teams increased by 300% and Slack usage increased by over 200%. [2]
  • Microsoft also shared that some of its other cloud services were seeing growth as high as 775%. [3]

Enterprise communication and collaboration apps are creating cybersecurity blind spots

Yes, collaboration tools and cloud storage are undoubtedly vital, liberating resources in today’s circumstances. But these services are also creating security blind spots that are going unaddressed and creating major areas of vulnerability. Cyber criminals have responded to the upsurge in cloud usage with increased attacks and compromise of cloud credentials, with external attacks on cloud accounts increasing by over 630% [4]

Cloud usage from unmanaged devices has also doubled – with employees accessing corporate applications from personal devices while at home or on the go. [5] Notably, anomalous login attempts tripled since January 2020. [6] This includes brute-force attempts by cybercriminals, and also refers to excessive use from anomalous locations and logins from geographically distinct locations in a short period of time.

Cloud and collaboration-borne attacks

The issue with apps like Teams, Slack, Google Drive etc. is that they typically lack the advanced security measures that have been instrumental in securing more established communication and storage channels, such as email. Without proper security gateways that monitor traffic and detect suspicious activity, these technologies are left all the more susceptible to the following:
  • Malicious file upload: According to Perception Point, cloud storage ‘is a tool where 60% of companies are sharing content with customers, suppliers and unmanaged third parties.’ [7] Threat actors can enter your cloud storage and collaboration tools via these outside sources – for example, they may compromise a suppliers access and sync a malicious file to your system via a shared folder.
  • Impersonation: An attacker may compromise cloud credentials and gain access to a legitimate employee account. There have been reports of increased privacy concerns regarding applications such as Zoom and Teams, as cybercriminals have been known to also exploit software vulnerabilities and hijack virtual meetings. [8] Their aim here is to eavesdrop on conference calls, examine chat threads and obtain sensitive information they could use for further compromise.

Our recommendations: the time is now to secure your collaboration tools and cloud storage

It is key to treat these channels like any other form of communication and storage, meaning you should monitor traffic, enforce policies around information handling and exposure, and implement threat detection. Consider the following:

Get back to basics

This means focusing or revisiting the fundamentals like multi-factor authentication (MFA) and user training. Staff should always be aware of the security risks posed to the systems and applications they are using, as well as the security implications of their actions. Training, in conjunction with MFA can reduce the possibility of successful credential theft and enhance security while employees work remotely.

Be aware of shadow IT

Staff may not only be working on unmanaged, personal devices – they may also download applications and software that they preference over corporate’s recommended applications and tools. Ensure employees are only accessing and working with company data on secure, corporate managed devices and applications. This requirement should be made explicit in company policy.

Redefine information handling

As with methods for accessing company data, the way in which information sensitivity is classified should be made clear in corporate policy. This means employees should actively define the contents of documents with labels such as ‘public,’ ‘internal’ and ‘confidential.’ These labels ensure that internal or confidential information cannot be sent to external sources via email, Teams etc. and assist in data loss prevention.

Consider a multi-layered platform

A lot of businesses turn towards cloud access security brokers (CASB) because they largely act as a gatekeeper, actively monitoring access and data leakage by enforcing cloud-based security policy. However, CASBs are not traditionally designed for threat detection, and therefore could let bad actors slip through the cracks. At Content Security, we can help you find a unified platform that detects AND prevents threats across a whole host of systems. We assist clients with securing a variety of applications, such as Dropbox, Office365, SharePoint, Google Drive, Citrix, Slack, Teams and more.

References

For more information please contact our cybersecurity professionals today.

Recent news