The COVID-19 pandemic has driven a rapid increase in the number of collaboration applications entering the workplace as organizations react to the broad shift to remote work. A full 41% of the 476 companies participating in Metrigy's recent "Workplace Collaboration: 2021-22" global research study use more than one meeting application. Nearly 38% have deployed multiple team collaboration applications, and more than 15% have more than one phone system. Of the 58% using team collaboration, more than half are either allowing external access to team spaces or planning to do so by the end of 2021.
How secure are collaboration tools?
As the number of apps increases, collaboration tool security challenges have also grown for a variety of reasons.
Security capabilities available in collaboration applications vary greatly. Some offer fine-grained policies controlling joining meetings, file sharing, chat and external access, while others have more limited capabilities. Vendors have increasingly moved to offer end-to-end encryption with customer-held keys, yet this feature is not yet available in all applications.
Application providers continue to add features to make improvements. For example, a modern meeting app enables the creation of transcripts, participant chat and file sharing, all of which create potential risk of data leakage and loss of data control.
The primary security risks, however, are unauthorized access to meetings, such as Zoombombing; to team spaces; and to content stored within team spaces or generated by them.
The lack of consistent security capabilities, coupled with the growth in apps and features, creates increasing challenges in trying to enable and enforce consistent policies and in establishing end-to-end visibility to identify and mitigate threats before or after they occur.
In addition, organizations face other collaboration security risks that include the following:
- toll fraud attacks against calling infrastructure that can result in financial expense;
- denial-of-service attacks against networks and on-premises applications that disrupt access; and
- the need to enforce policies that govern appropriate use of collaboration channels, internally and externally, such as identification and prevention of potentially abusive or inappropriate language.
How to prevent security risks
The struggle for security, IT and business leaders is how to balance the need for security with the need for effective virtual collaboration. Unfortunately, according to Metrigy research, only 41% of study participants have a proactive workplace collaboration security plan in place. Another 31% are either evaluating whether to create a plan or planning to have one in place by the end of 2021.
Metrigy's study shows that organizations with the highest ROI or productivity gains for their collaboration investments are twice as likely to have a proactive collaboration security plan as those with no security plan.
Metrigy found an estimated 21% of organizations with a proactive security approach are currently using a third-party security platform, with another 33% planning to deploy one by the end of 2021. Collaboration platform vendors, including Google, Microsoft and Slack, also offer extensive security controls for data loss prevention (DLP) and compliance.
The primary components of a collaboration security plan include the use of firewalls or application layer gateways to protect specific applications against threats, e.g., Session Initiation Protocol (SIP) registration attempts to a voice over IP (VoIP) or meeting platform; implementation of DLP controls; and efforts to ensure compliance with appropriate regulatory requirements. Additional components include third-party security audits, penetration testing, proactive patch management, and formal security assessments of application and cloud security providers.
Choosing a secure collaboration platform
Beyond having a plan, organizations can benefit from the use of platforms specifically designed to enable centralized policy enforcement and management across a variety of different collaboration applications.
Secure collaboration platforms include the following:
- AudioCodes One Voice Operations Center;
- Oracle Communications Security Shield Cloud;
- Ribbon Analytics Platform from Ribbon Communications, based in Westford, Mass.;
- Unify Square's PowerSuite;
- Virsae Service Management Security Manager, a New Zealand-based cloud-native unified communications security management product;
- SafeGuard Cyber, an emerging cloud-based technology that protects a company's social assets from security threats and compliance risk factors; and
- Theta Lake, an emerging security and compliance vendor based in Santa Barbara, Calif., for customers using modern collaboration platforms.
IT and security leaders should conduct careful analyses to ensure security platform providers can meet their specific needs. Some of the vendors mentioned above are more focused on protecting against VoIP threats, such as attacks against SIP trunks and endpoints, while others enable organizations to centralize security policy management across multiple collaboration platforms or implement controls to limit sharing recorded or captured meeting information.
Collaboration leaders must understand risks
The final aspect organizations need to address is collaboration security ownership. Today, security organizations, which include chief information security officers (CISOs) and CSOs, largely own responsibility for collaboration security, although Metrigy found that, in many cases, they lack knowledge of specific emerging collaboration threats. Security organizations must work closely with collaboration leaders to ensure they understand risks and how to mitigate them. Ideally, every security group should have a defined collaboration security lead.
Collaboration security threats are likely to only increase as organizations expand the use of virtual apps and as they enable broader external collaboration capabilities. It's time to develop a proactive security plan and make sure collaboration security is highly visible within the CISO function.