Collaboration and Cybersecurity:
Mitigating Risks, Enhancing Protection
Collaboration tools—such as Teams, Slack, and Zoom—have become essential for people who are working remotely or from home (WFH). But threats and vulnerabilities shouldn’t be ignored in sharing platforms and video chats with remote workers.
Table of Contents
You know the challenges of supporting clients with remote workers.
Managed Service Providers (MSPs) that support these workers are often asked to provide strong communication and collaboration tools that offer chat, email, file management, advanced searches, and the ability to call on audio or video. But these tools also have vulnerabilities and are targeted by malicious actors, which could lead to data loss and drastically affect day-to-day productivity. And it is a real challenge to deliver with any kind of peace of mind.
Three of the most popular online collaboration tools have had at least one cybersecurity incident since the number of people who WFH ballooned. During the climax of the pandemic, usage of these tools set record numbers, and it appears that there has been a culture shift and in this challenging hiring climate, working from home or even anywhere is here to stay, at least for a while. Here are some things for MSPs to consider when planning for your clients to stay protected and productive outside of an office environment, and how you can secure the data:
What Have the Threats Looked Like?
Picking up the Slack
In early March 2020, Slack publicly disclosed a bug that a new member of HackerOne found in late 2019. The white-hat hacker discovered an HTTP Request Smuggling vulnerability on the tool’s website. Slack was quick to respond, paid the bug bounty hunter, and was praised for its transparency once the bug was fixed.
Zooming Into Online Work
According to ZDNet, Zoom added 2.2 million new monthly users by mid-2020. But it also had significant security flaws. Following a spying issue in 2019, others began to uncover more problems across multiple systems and devices. Zoom also was not using the encryption method it said it was. Several companies, including Google, temporarily banned Zoom until the problems were fixed.
Teams Time for Microsoft
Microsoft saw an opportunity to ramp up its reputation as a relatively new player in the collaborative workspace. The tool Teams replaced Skype for Business, which the Redmond, Washington-based company purchased in 2011.
Teams can be a standalone application, but it also comes with Microsoft 365. It is a tempting alternative to the more popular Zoom because of its ease of integration.
Still, Teams has had problems of its own. In March 2020, it had a widespread outage that affected people globally, but mostly in Europe. In April 2020, attackers sent spear phishing email that impersonated automated emails from Teams. Security experts also found a phishing attack affecting Microsoft Sway—part of Teams—that successfully breached the Microsoft 365 credentials for executives. In that case, users only had to see a malicious GIF for an attacker to steal data.
Many MSPs have begun adopting third-party Cloud-to-Cloud backup solutions, such as Axcient x360Cloud for Microsoft 365 backup and protection. Even Microsoft encourages end-users to deploy a third-party solution in its own Services Agreement.
Since WFH became the new normal, Axcient has been supporting MSPs with solutions to protect their customers’ critical business data no matter where it lives. Among the improvements recently made to its x360 Platform, Axcient has:
- Created a more intuitive UI/UX, built from the ground up,
- Added capabilities to back up Zoom and RingCentral recorded meetings,
- Offered Microsoft 365 integration to allow easy collaboration with popular online tools that include Word, Excel, PowerPoint, OneDrive, and SharePoint,
- Integrated Remote Monitoring and Management (RMM) with ConnectWise Automate so our secure file sync and share product x360Sync could be deployed remotely,
- Enabled support for backing up Microsoft Teams, and
- Included support for backup and recovery of Google Workspace (including shared drives) in x360Cloud.
x360Cloud also offers robust full-text searches, compliance to regulations such as HIPAA, and consistently has a Grade A security rating from SecurityScorecard.
Choosing Axcient x360Cloud for Microsoft 365 and Google Workspace protection will help your MSP focus on remote enablement instead of security concerns. Want to check it out for yourself? Start a no-credit card free trial today.
About the Author:
Matt Saxton // Technical Marketing Writer in Product, Axcient
Matt works remotely from Mount Vernon, Ohio, as a Technical Writer for Axcient. He was a journalist for nearly 20 years prior to switching careers and was the managing editor for three newspapers. His experience also includes working as an IT Director, Content Developer, and Production Manager.
More Great Stuff From Our Blog:
Check out some other interesting pieces from our blog: MSP-friendly resources and tools to help MSPs educate clients to combat phishing attacks and Fight the Phish!, we dove into how chain-based backup works and why chain-free is the way to be, we talked with Jason Phelps from Huntress Labs about planning for the next ransomware attack, our CEO David Bennett explains why the current cybersecurity landscape means traditional backup is dead, or learn how you can ditch pricey on-site appliances with Local Cache for Direct-to-Cloud BCDR.