Using tools and technologies in the enterprise to collaborate and connect with employees and colleagues is not a new concept. But there is a new generation of collaboration apps that are getting smarter as chatbots rise in popularity.
The ways in which businesses used to work are being seen as outdated, and more employees want to move to a new way of working. The problem, however, is that the collaboration app a business chooses, or how it implements that app, can lead to unwanted security threats.
“The great thing with technology is it helps us to move fast and move more agile, but by the same token, in doing so we don’t realize some of those necessary risks that are introduced with respect to moving as quickly as we do,” said Don Meyer, a cybersecurity expert at Check Point Software Technologies.
Collaboration applications and chatbots have already taken hold on the consumer side, but now enterprises are looking to adopt these solutions to collaborate and consolidate information. According to Meyer, with new technology comes new opportunities, but with business-sensitive information living in these applications, there are a couple of things to consider before moving over to a new solution. “What is the code, who wrote the code, how secure is the code, how is it being deployed, is it being deployed on a secure channel, does it interact with other things and the outside world, and is it isolated?” he said.
According to Sam Elliott, director of security product management at Bomgar, there is nothing wrong with these technologies and there haven’t been any huge security threats in the applications themselves, but sometimes the threats lie in how the software is brought into the business. He explained that businesses may already have a preferred messaging app, but it may not be modern or it crashes a lot.
“Developers are smart, and they are just trying to get their job done with the path of least resistance, so they go find the latest, greatest tool and start using that, and bypass what the IT department has sanctioned,” said Elliott.
The problem with developers implementing their preferred tools is that those tools could allow both internal and external communications, and require a self-created account rather than one that already exists within IT. Therefore, a hacker could potentially get into the system and pretend to be a colleague in order to obtain sensitive information, according to Elliott.
“The easiest and favorite mode of attack currently is through phishing,” he said. “Catching somebody unsuspecting because it seems so legit that you populate information that it is requesting of you, whether it is your credentials or some other set of information. It just gives those threat actors another way to catch you off guard.”
When it comes down to it, the threats revolve around whether or not the solution is sanctioned by IT. “IT is of course going to be selecting apps that have the right capabilities to protect the business’ interest as well as the user’s interest when they are out there trying to collaborate,” said Elliott. “Solutions that aren’t IT-sanctioned may not meet corporate security policies.”
Things to look for when choosing a collaboration app for your enterprise include making sure the tool is aligned with the business’ policies on data leak protection, encryption, authorization and usage, Elliott explained.
Also look for integration with the business’ directory services, so that users or employees are not burdened with creating their own accounts. “In other words, I can log in with the credentials already provided to me by the business,” said Elliott.
Check Point’s Meyer explained that removing that human element is extremely important because that tends to be the weakest link. “Whether we are doing a misconfiguration on a piece of equipment, trying to introduce a new piece of technology into an existing environment, or forgetting things like changing default passwords or turning encryption on, ultimately the human element tends to be the weakest element in any cybersecurity solution,” he said.
Elliott agreed that the threats and risks all come back to the users. To prevent problems, users need to be trained to distinguish a real collaboration message request from one masquerading as one. “If you are not security-minded and aware in the first place then even the best tools are going to potentially represent a threat,” he said.
You also have to make sure the solution provides the proper encryption to ensure secure collaboration. For instance, it is promising that Slack, a popular collaboration tool, lists data encryption in transit and at rest as one of its first security features, Elliott explained.
Both Meyer and Elliott agreed that since this technology is still relatively new, there are still ways hackers can get into the system that haven’t been thought of or come to light yet.
“Once it starts gaining a foothold, I’m sure we are going to start seeing a couple of interesting exploits. But right now not really seeing a whole lot of it yet,” said Meyer.
To protect against ongoing and evolving threats, Elliott said to always think from a hacker’s perspective. “Assume the hackers are already in. All of that sounds defeatist, but it is a realistic approach,” he said. “Take appropriate steps that maybe you wouldn’t take if you didn’t assume the threat actors are already in the organization.”
If a hack does happen, businesses should make sure they have a good incident response plan that includes communication, cleanup and getting back to business, Elliott explained.