As the COVID-19 pandemic continues to spread, and as organizations and governments have forced the majority of employees to work from home, the vulnerabilities associated with collaboration tools have made headlines. New security threats are surfacing every day, driving IT and security operations teams to quickly understand and address significant security threats.
Firewalls and other traditional security solutions are not enough as threats to workplace collaboration software skyrocket from malware, viruses, worms and ransomware to data theft and more. Malicious attackers are targeting popular collaboration and conferencing tools including Slack, Google’s G Suite and Zoom. Why? Because it’s too easy for adversaries to do so. Hackers and cybercriminals are acutely aware of the sensitive information that’s shared in virtual meetings, which make them attractive targets to go after.
In addition to direct attacks, cybercriminals are taking advantage of APIs to gain access to data through collaboration tools. While integration with third-party applications delivers many business benefits, the API used to connect the UC software with third-party applications can often be exploited by a hacker to intercept data and communications between the two applications.
It only takes one hacked account to expose multiple employee’s data through collaboration software, where multi-modal sharing is happening. These channels – voice, video, screen sharing, chat, document uploads and storage and more – are far less secure than employees have come to believe.
Here are a few practical steps organizations can take to ensure a secure collaboration environment:
- Secure virtual collaboration platforms with the same high level of security policies and software as has been successfully used in securing email. In addition, apply all software patches as soon as possible, including mandating updates to end user IP devices.
- Make sure that two-factor or multi-factor authentication is enabled for all logins.
- Communicate with users and train them. Make corporate policies clear, along with consequences when accounts are not handled appropriately. This includes immediately shutting down accounts based on those policies and using automation and analytics to promptly see and address threats.
- Modernize monitoring tools and technologies designed to spot sensitive data that might be exposed. Securing cloud-based applications is completely different from traditional premise-based or distributed VPN services.
- Pay close attention to credentials. Compromised credentials are responsible for over 80 percent of all breaches, according to the 2019 Verizon Breach Investigations Report.
- Consider moving to passwordless solutions, which reduce exposure to data breaches. When using passwordless solutions to authenticate, there are no passwords for cybercriminals to steal.
How Big of a Problem is This?
In the first six months of 2019 alone, data breaches exposed 4.1 billion records, with millions of credentials in a single breach released into the public and dark web. The average cost of a breach is an estimated at nearly $4 million, and cybercrime will cost up to $6 trillion worldwide by 2021. By 2022, however, 60 percent of large and global enterprises and 90 percent of medium enterprises will implement authentication methods, indicating that a growing number of organizations understand that they need to adopt strong security measures.
The recent high-profile COVID-19 cyberattacks have many organizations understandably focusing their security efforts on preventing data breaches. While ensuring data security is indeed a top priority, enterprises must not become complacent in securing their mission-critical, real-time communications applications, systems and networks — including voice over IP (VoIP) and unified communications (UC) — which can be directly targeted as attack objectives in themselves or used to exploit a new attack vector into other applications, systems and networks.
With the convergence of data and telephony networks, the ubiquity of real-time communications (including VoIP, UC and mobile phones) and now the rapid expansion of work-from-home, hacking has come full circle as telephony attacks rise. As a result, enterprises must revisit their RTC security posture using a holistic approach to ensure the integrity and availability of these applications and systems, as well as the confidentiality and privacy of sensitive data on converged networks and data center infrastructures.
This is especially true as remote worker use cases and BYOD grow even faster due to the response to the deadly pandemic. These scenarios provide one of the strongest use cases for RTC, allowing businesses to adopt virtual user models, optimize office space and be more responsive to customers. The challenge is to enable RTC in a secure environment. As endpoints like tablets and mobile phones move farther from the core network, it becomes harder to control authorized access to the network. Additionally, a great deal of the RTC traffic traverses the public Internet and is often accessed via unsecure public WiFi connections. Remote and mobile worker productivity is reliant on this access, but the associated security risks must be fully understood and properly addressed.
Virtual collaboration is something that will only increase across the enterprise. Even with these enormous risks, there are significant benefits – and with the right security posture in place, there is no need to make a tradeoff.