Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

The top three collaboration security misses by CISOs

By Brandon Long
communication/security freepik

<a href='https://www.freepik.com/photos/business'>Business photo created by jcomp - www.freepik.com</a>

May 6, 2021

Back before enterprises embraced the cloud and its many benefits, software was released every two years through a formal change management process or organizations would introduce new software into their business on a scheduled basis. As a result, chief information security officers (CISOs) had an infinite timeline to make security-based decisions.

Today, organizations roll out capabilities automatically, putting new applications into the hands of users instantly, and forcing IT and compliance departments - not to mention the CISO - to constantly play catch up. Attempting to manage these apps reactively, rather than proactively, adds additional stress to IT and security departments. Further complicating matters is the fact that the most advanced, cutting edge and well-adopted collaboration platforms are marketed to, used by, and frequently even deployed by end consumers. IT and compliance departments must continue to adapt as the lines between enterprise and consumer technology continue to blur.

This issue has only been exacerbated by the almost overnight shift to work from home in early 2020. Most organizations accelerated a decade’s worth of digitization in just one year, from remote teamwork and learning to sales and customer service to critical cloud infrastructure and security. This meant businesses were frantically downloading and purchasing new products to help. The rapid deployment of unified communications (UC) and collaboration platforms during the past year and a half drove a new set of challenges for IT, security and compliance teams. As we continue to embrace hybrid work, CISOs and compliance teams are wading through and in some cases even overlooking many different areas related to collaboration security. We’ve highlighted the top three areas of risk in this post which should keep CISOs awake at night. The remote workplace continues to evolve at lightning speed, and so too should CISOs – or risk sensitive materials ending up in the wrong hands.

 

1. A Battle for the Ages: Security versus Usability

If it’s true that no good deed goes unpunished, then CISOs aiming to balance security with usability are feeling the heat. For some, risk prevention wins out: hospital systems or financial institutions might endure limited product flexibility in favor of their tight security. For others - like a commercial real estate company - usability in the form of easy and fast communication wins.

No matter where an organization falls on the usability and security scale, CISOs must stay proactive and involved when it comes to making security, governance, and business decisions. Both sides of the coin can be a miss depending on the type of business, so successfully evaluating risk prevention and collaboration needs is essential to building an effective business strategy.

The ability to record a meeting is one of the greatest potential productivity improvements, but many organizations have failed to deliver on its benefits. Instead, organizations have chosen to take the easy way out, simply disabling the feature in lieu of putting in the work to build a comprehensive lifecycle management and security policy around meeting recording and internal and external sharing. This lack of effort can also force an employee’s hand to utilize other, less secure means of recording.

While successful CISOs can straddle both security and usability needs, they don’t have to be mutually exclusive. Instead, they should be encouraged to tap outside help - preferably, a team that can combine real-world best practices with an objective voice - that guides an organization to the middle of the security and usability Venn Diagram.

 

2. Throwing Guest Access Policies - and Caution - to the Wind

In the first half of 2020, as large numbers of enterprises were scrambling to onboard new UC and collaboration platforms, additional levels of security - like guest access policies - weren’t a major priority. But now, as we enter the second year of predominantly working from home, incorporating solid guest access policies are crucial to prevent an enterprise from falling victim to a hack or breach.

That said, CISOs face another delicate balance when it comes to guest access policies: balancing restrictiveness with ease of use. With email no longer serving as an organization’s defacto communication tool, employees may turn to shadow IT in lieu of overly restrictive policies. Instead, CISOs must implement flexible and secure guest access policies that appeal to the needs of both internal and external stakeholders.

A good example of this is what Microsoft recently announced during Ignite: a new channel sharing feature for Microsoft Teams. Now there are two options for secure collaboration with people and organizations outside of your own - Teams Connect and Teams Guest Access. And while this channel sharing feature has many benefits, it too opens an additional security hole for CISOs and compliance teams to manage.

 

3. No Structure, and Many Naming Crimes

Like guest access policies, the idea of formalizing cross-functional naming conventions across teams and platforms seemed daunting in the early months of 2020. Organizations that continue to avoid implementing a consistent naming convention not only risk losing valuable documents or programs, but create slower, more complicated workflows for their employees.

An integral part of finding the Venn Diagram balance between security and usability is having different collaboration policies across regions and technologies. A good way of signalling the policy to users is through naming conventions – for example, Teams and Channels with guest access enabled should have a prefix (EXT) to indicate their guest access policy, like “EXT_US_Marketing Project.”

It’s critical to craft consistent naming conventions across platforms, prioritizing discoverability. CISOs must also work directly with mid and senior-level management to identify conventions already being commonly used and launch a strategy to encourage compliance company wide.

 

The Highest Risk is Often from Within

Risk can originate from several platform starting points including files, chat streams, comments, and meeting transcripts. But the truth is that current and former employees are a massive high-risk area that is often overlooked.

24% of employees are unaware of their company security guidelines. Further, millennials are twice as likely to install apps not approved by IT. The result? 43% of data breaches (half of which are accidental) stem from employees.

Let end users run free, and it’s only a matter of time before something is shared with the wrong person. As an InfoSec or IT professional, you’re continuously evaluating and assessing security risks and now is the time to establish the critical security and governance controls needed to reduce the risks inherent in mainstream collaboration platforms.

This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security Magazine. Subscribe here.

KEYWORDS: Chief Information Security Officer (CISO) cloud security collaboration compliance information security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Brandon Long is a Collaboration Security & Governance Solution Architect at Unify Square.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • SEC_Web_5Minutes Bovee.jpg

    The top challenges CISOs face in identity security

    See More
  • cyber feat

    The Top Three Cyber Security Leadership Qualities

    See More
  • Growing and Gaining

    Recruiting the Future of Security: Finding Future CISOs

    See More

Related Products

See More Products
  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

  • Physical-Security-and-Safet.gif

    Physical Security and Safety: A Field Guide for the Practitioner

  • 150 things.jpg

    The Handbook for School Safety and Security

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!