Collaboration and Cybersecurity:
Mitigating Risks, Enhancing Protection
Collaboration tools—such as Teams, Slack, and Zoom—have become essential for people who are working from home (WFH) during the COVID-19 pandemic. But threats and vulnerabilities have taken the fun away from sharing platforms and video chats while out of the office.
Remote workers are different from those who sit in a corporate office. They are distant from their colleagues and have the potential to miss conversations and cultural experiences that are essential for their jobs.
Managed Service Providers (MSPs) that support these workers must provide a strong communication and collaboration tool that offers chat, email, file management, advanced searches, and the ability to call on audio or video. But these tools also have vulnerabilities and are targeted by malicious actors, which could lead to data loss and drastically affect day-to-day productivity.
Three of the most popular online collaboration tools have had at least one cybersecurity incident since people began WFH. During the climax of the pandemic, usage of these tools set record numbers. Unfortunately, some were doing more harm than good, which made MSPs wonder how to stay protected and productive during these uncertain times.
Picking up the Slack
In early March, Slack publicly disclosed a bug that a new member of HackerOne found in late 2019. The white-hat hacker discovered an HTTP Request Smuggling vulnerability on the tool’s website. Slack was quick to respond, paid the bug bounty hunter, and was praised for its transparency once the bug was fixed.
Zooming Into Online Work
According to ZDNet, Zoom added 2.2 million new monthly users this year. But it also had significant security flaws. Following a spying issue in 2019, others began to uncover more problems across multiple systems and devices. Zoom also was not using the encryption method it said it was. Several companies, including Google, have banned Zoom until the problems are fixed.
Teams Time for Microsoft
Microsoft saw an opportunity to ramp up its reputation as a relatively new player in the collaborative workspace. The tool Teams replaced Skype for Business, which the Redmond, Washington-based company purchased in 2011 (although Microsoft recently announced it would begin integrating Teams and Skype).
Teams can be a standalone application, but it also comes with Microsoft 365. It is a tempting alternative to the more popular Zoom because of its ease of integration.
Still, Teams has had problems of its own. In March, it had a widespread outage that affected people globally, but mostly in Europe. In April, attackers sent spear phishing email that impersonated automated emails from Teams. Security experts also found a phishing attack affecting Microsoft Sway—part of Teams—that successfully breached the Microsoft 365 credentials for executives. In that case, users only had to see a malicious GIF for an attacker to steal data.
Many MSPs have begun adopting third-party Cloud-to-Cloud backup solutions, such as Axcient CloudFinder with Microsoft 365 protection. Even Microsoft encourages end-users to deploy a third-party solution in its own Services Agreement.
Since WFH became the new normal, Axcient has been supporting MSPs with solutions to protect their customers’ critical business data no matter where it lives. Among the improvements recently made to its x360 Platform, Axcient has:
- Created a more intuitive UI/UX, built-from the ground up,
- Added capabilities to back up Zoom and RingCentral recorded meetings,
- Offered Microsoft 365 integration to allow easy collaboration with popular online tools that include Word, Excel, PowerPoint, OneDrive, and SharePoint,
- Integrated Remote Monitoring and Management (RMM) with ConnectWise Automate so Anchor could be deployed remotely,
- Enabled support for backing up Microsoft Teams, and
- Included support for backup and recovery of Google G Suite (including shared drives) in CloudFinder.
CloudFinder also offers robust full-text searches, compliance to regulations such as the Healthcare Insurance Portability and Accountability Act (HIPAA), and has a Grade A security rating from SecurityScorecard.
Choosing Axcient CloudFinder for Microsoft 365 and G Suite protection will help your MSP focus on remote enablement instead of security concerns.
About the Author:
Matt Saxton // Technical Marketing Writer in Product, Axcient
Matt works remotely from Mount Vernon, Ohio, as a Technical Marketing Writer for Axcient. He was a journalist for nearly 20 years prior to switching careers and was the managing editor for three newspapers. His experience also includes working as an IT Director, Content Developer, and Production Manager. When he’s not researching or writing about cybersecurity, Matt enjoys time with his family and pets, gardening, photography, and remodeling his home.