The boom in collaboration software creates extra security risks
While the software solutions have made it easier to work from home, they’ve also made it easier to launch malware.
TechRepublic’s Karen Roby spoke with Otavio Freire, president, CTO and co-founder of SafeGuard Cyber, about security issues in collaboration software. The following is an edited transcript of their conversation.
Karen Roby: We do all of our work now, or the good majority of it, through things like this, right? Zoom and Teams, and we’re talking on Slack, and we’re talking with people outside of our organization, and bringing them in through all of these channels and all of this is going on. And the criminals out there, they’re waiting to take a bite out of everything, and that’s what we’re seeing so much of. Since this pandemic has started, what are the problems we’re seeing more of right now?
SEE: Security incident response policy (TechRepublic Premium)
Otavio Freire: We’ve seen a massive adoption of collaboration platforms, such as Teams, Slack, WebEx, Zoom. Some of these are growing 700% per quarter. Teams is the fastest growing product for Microsoft ever. But, look, they do bring a series of risks, not much different, ultimately, than we’ve seen in email. There are malicious Word documents that can be accidentally dropped into a Slack channel. We’ve seen misconduct, and inappropriate and threatening language taking place. And more classic cybersecurity issues such as insider threats, cyber fraud, and sharing of critical information.
Karen Roby: This always is really fascinating to me how this happens. You talk about social engineering and business email compromise, I mean, things like this are still happening every day and even more now.
Otavio Freire: From a risk perspective, I think the challenge is the scale. It is a massive amount of data. There’s a video stream, there’s an audio stream, there’s text, there’s files. And how you identify those risks through that data is hard. We had a customer with 5,000 employees and had 160,000 messages every day. And only with advanced machine learning can you detect that malware. You can detect that link that could be spearfishing your employees.
Karen Roby: What are you seeing, right now, a lot of? I mean is it malware, still phishing attempts? Even though we talk about don’t click on this, don’t click on that, people still do. Passwords are still weak. I mean, where are you seeing a lot of weak spots?
Otavio Freire: Exactly what you described, Karen. There’s, certainly, the classic cybersecurity issues. Just like the email they still happen, they still take place in all of these channels. What we’ve seen, the difference and the scary difference, is that these attacks can be more targeted. They can be more spearfishing-focused because there’s a lot more data about the victim that takes place. So, that is certainly a major area of concern.
SEE: How to manage passwords: Best practices and security tips (free PDF) (TechRepublic)
But the challenge is visibility. The enterprise, the security team, the CIO, doesn’t have a full understanding of what is taking place on that massive amount of data. They’re very well aware of all the risks that could happen, everything from brand reputation to a compliance issue, to true cybersecurity. But how do you gain that visibility at the message level? You really need security that is, first, portable because the difference in these channels is that I could leave the network, I could go to Starbucks, I can get on a Wi-Fi. I can switch to my iPad that is not a protected device. It’s a new on-ramp into Teams. So, the security layer has to really think about how these platforms are used, which is a different mindset for how typically security has been approached at the enterprise level.
Karen Roby: And they’re not going away, right? I mean, these are platforms that we’re using more and more in light of this last year, but they’re not going anywhere. So, companies have to wrap their arms around this.
Otavio Freire: I’ll date myself here, but I remember a time when companies didn’t allow email. They blocked email, believe it or not. Like, I put files in my inbox and outbox in this folder here. And “I don’t know about this email thing, everything’s going to be recorded.” I actually recall that time.
The old is new again. We’ve seen first, it was closed gardens, Slack and Teams only. You can only talk within the Slack of your company. And, now, Slack through Slack Connect, can connect to other companies. The evolution that we saw in email is taking place again. And with that comes new and additional risks. But, just like email, you can’t close it because there’s just a lot more business agility. There’s just a strong business case for greater communication, more agile communication. So, to your point Karen, it’s not being shut down. In fact, it’s only going to accelerate because the business need is tremendous. And the upside is tremendous.
Metrigy, a well-known research firm did a recent study. They found that if you look at the ROI of collaboration channels, 22% increase revenue, there’s a 40% improvement in employee productivity. And, of these successful companies, 66% had security in place explicitly for those collaboration channels. So, there’s this strong relationship here about thinking of these channels as a core of the enterprise, how the enterprise can grow, especially during our work-from-anywhere world that we’re living in. It’ll increase revenue, but you have to think of it in terms of … just like you would secure your email, you have to secure these channels from all these risks we’ve been discussing today, Karen.
Karen Roby: Final thoughts from you on where we are, where we’re heading and how people need to be thinking in general about cybersecurity. What are your final thoughts there?
Otavio Freire: I think, as a user, we have to be aware that there is a tremendous amount of data that is generated by using these modern and novel communication channels. I mean, thinking of this as Zoom, there’s a video stream, there’s the audio stream, there’s the files I share in a chat, there’s the users who are part of it, there’s the security stamps. And we’ve become very well aware of that in email. But training needs to happen about the security implications of using these channels. And then use technology to actually protect them as we protect other critical applications in the enterprise. They are critical infrastructure. When you make the jump to start thinking of these apps as critical infrastructure, just like we would our financial system, that’s super well-protected, adoption will increase as we saw with information from that report. And even productivity and revenue could increase.
Karen Roby: Otavio, it’s not about dating yourself. You’re just showing us the level of experience you have, right?
Otavio Freire: Okay, well, thank you. I’ll take that.
Karen Roby: I like to tell my kids, because they just can’t wrap their head around it, that the internet really didn’t exist when I started working in the real world. That’s just is such a foreign concept. So, if anything, it just shows your experience level and when it comes to cybersecurity, hey, that’s never a bad thing.
Otavio Freire: Oh, I appreciate that, Karen. You’re very kind.