Vulnerabilities in Enterprise Collaboration
Enterprise collaboration tools like Microsoft Teams and Slack are made to be convenient and easy to administer for low stakes, day-to-day enterprise communications.
But what makes them easy and convenient is also what makes them vulnerable in high-stakes scenarios like a cyber attack as the plain-text contents of messages and files are available to anyone with the right username and password.
Read on to find a deep dive of how and when Enterprise Collaboration Apps will leave you high and dry.
The right credentials, in the wrong hands
Hackers often target admin credentials. Why? Traditional enterprise software grants a select group of administrators extensive data access. While this setup simplifies management, it also means your IT admins can access emails and messages within your collaboration tools.
If hackers obtain these credentials, they can too. With this access, hackers can infiltrate the communications channels of your most critical teams in order to hamstring your remediation efforts.
Zero-Trust for thee, no restrictions for me
For all the talk that enterprise vendors give of why you should be using zero-trust models to control for insider threats, rarely do they apply that advice to themselves.
It’s quite typical for hundreds of employees in third-party software vendors to have full access to your underlying data and messages for things like customer support and R&D. This dramatically increases your threat surface area and makes controlling for insider threats almost impossible.
It can’t just be “in the cloud”
Data residency is a huge concern globally with many countries having strict residency and data sovereignty requirements that are at odds with how the largest enterprise collaboration tools store your data.
Because enterprise software vendors typically have full access to your data, they become obligated to comply with the data access laws of the country they operate in. Often their Terms of Service indicate various internal and external parties can and sometimes do process, scan, or read customer data on their servers, including foreign nationals.
And, the challenges don't end there.
Enterprise collaboration tools face multiple security and governance challenges that are hard to address for more sensitive use cases.
Enterprise collaboration tools rely on two security methods: encryption-in-transit, which ends at the network boundary, and encryption-at-rest for stored data. However, between these stages and when accessing past communications, your communications are vulnerable.
In simpler terms:
- Admins of collaboration apps can access information without encryption.
- If hackers get these admin credentials, they can also see unencrypted information.
- There’s added risk if the cloud service providers get compromised.
Enterprise key management can bring extra infrastructure, admin time, and costs. However, it doesn’t necessarily boost security.
- Even with EKM, Microsoft and Slack access client communications in plain-text due to ongoing access to signed keys.
- This access continues until a breach or misuse is discovered and you revoke their access.
- That’s like locking the barn door after the horse has already escaped.
When two organizations with different retention policies communicate in shared channels, inconsistencies can emerge, creating gaps in audit trails. For instance:
- Organization A keeps records for one year, while Organization B retains them for three years.
- After a year, Organization B‘s records will begin to have gaps.
- As time passes, it will become increasingly unclear as to what Organization A said that led to Organization B’s responses.