The New Challenge: Securing our Collaboration Platforms
The tough choice between simplicity and high security of collaboration platforms
Built-in features provide limited control and visibility
What is the most common attack mechanism used by cyber criminals? Yes, it is still malware!
And what are the most used applications in our daily communication? Email, maybe, then come Zoom, Teams, Webex, BlueJeans, Skype for Business, etc.
And what do they have in common when we think about the protection and security of our communication? They all have either no or very limited capabilities to fight the most popular attack mechanism.
OK, but is this so important, is it actually a problem?
How much security is enough?
A lot of companies put their faith in endpoint protection solutions. And to be fair – that’s a very nice approach to security. If a company is able to enforce this level of control, i.e., by preventing third parties from accessing its resources, requiring employees to use corporate devices, etc., then – yes, endpoint protection would suite it just fine. Well, they might still find some benefits of platform-level security, but in general, this protection is considered good enough. Wouldn’t this severely compromise the user experience, though? To be honest, good security should be invisible and transparent to the users. Well, we might as well unplug the power, right? That’s the most secure way.
So what alternatives do we have? We’ve seen quite a number of security incidents on some of the collaboration platforms over the past year. How do you keep the flexibility and usability intact while still providing the right level of protection?
The limitations of built-in protection
Some of the collaboration platform vendors, such as Microsoft, have identified the above mentioned problems and provided an answer to their customers. They introduced built-in protection and advanced security mechanisms as an option for those who are more sensitive on that topic and promoted Office 365 as a safe place for data. And this is indeed true. To some extent. To understand the limitations of the built-in protection, we need to understand how it works. So let’s take a look, and keep in mind, we are only considering malware protection as it is today.
Office 365 has these options for data storage and exchange:
- Exchange Online
- SharePoint Online
- Teams
- One Drive
Security mechanisms of collaboration platforms
Let’s try to understand how the security mechanisms of collaboration platforms work! When you send an email to Exchange Online, your email is intercepted and analyzed. Should any suspicious content be identified, your email is blocked. The recipient is not notified of the problem, the administrator can barely configure anything – policy, exception, whatever it is. But you are safe. OK, but some cyber criminals design their messages to target a specifics anti-malware tool and can get through it.
What about SharePoint Online? You upload a file – and by “you” I mean anyone who gets some form of access to the platform – could be a partner, a customer, an employee, etc. So they upload a file and … nothing happens. It is just uploaded there without any check at all! Why? Because Microsoft does not intercept it. It does indeed perform scans on “new” files on a scheduled basis. But when, how often and with what tools? No clue! So there you go clueless and armed only with trust and faith in your protection.
Is it any different for Teams and One Drive? Not really – the approach is exactly the same.
However, organizations should consider some other important aspects when deciding whether to use security tools and mechanisms from Office 365 or from third-party vendors.
The tough choice between simplicity and high security
Clearly, one of the big problems in cyber security is the increasing complexity. That’s why, a lot of companies are now trying to figure out how to simplify it. One way is to use built-in features that require minimum effort to operate and no effort to integrate. But as we know, everything in life has a price. We tend to think more about the technical side of things and typically say – well, they are not that flexible, features are limited, etc. But there is another very important aspect that we seem to ignore – segregation.
Let me elaborate on that a bit. First of all, it is a best practice not to mix operations and security, because you might end up with a conflict of interests. However, we are ready to hand over the control of both to our collaboration platform vendor. On top of that, we tend to use the term “zero-trust” quite often when it comes to cyber security policies, and yet we are willing to put all our trust in built-in features over which we have only insufficient control and very limited visibility. What about responsibility? Can CISOs really hold any Cloud vendor responsible?
Avoid complexity with all-in-one solutions!
So let’s sum it up – we use built-in features because:
- It’s easier to deploy
- It’s easier to operate
- It’s seems to be cheaper
But we are giving up on:
- Control
- Visibility
- Segregation
- Protection
Is there a way to avoid these drawbacks? Most of us would not be willing to risk introducing additional complexity for the sake of a protection benefit that sounds good in theory. This means we need solutions that on the one hand keep the favorable characteristics (ease of administration and deployment, competitive pricing) but on the other hand give us the control back, provide the proper level of visibility, enhanced protection, and enable complying with the best practices for segregation.
Fulfilling all these requirements is not easy, yet there are some solutions that meet this challenge. iQ.Suite 360 by GBS is designed to solve the above mentioned problems. If you want to learn more, register for the free webinar , follow us on LinkedIN and XING and of course – reach out directly!
Author: Pavel Yosifov
