Collaboration apps have taken the corporate world by storm, nearly to the point of being a required component of business technology. They’re no longer just instant messaging programs that we remember from AOL and MSN in the early 2000’s. Now, collaboration apps like Basecamp, Microsoft Teams, Slack, Dropbox, and Facebook Workplace are giving companies the potential to drastically increase communication in ways that are unattainable by email or previous mediums. With these cloud-based platforms, employees and stakeholders can easily share ideas, files, and company data without the need to leave their desk.
Sounds like a fool-proof way to maximize productivity in the workplace, right? Well, unfortunately these platforms can be detrimental to your company’s security. Since these are cloud-hosted messaging programs, cyber-criminals are constantly looking for ways to infiltrate the system. For example, 500,000 email addresses and other personal data were hacked in February of 2015 from Slack. Thus, understanding the security risks behind these platforms is the key to ensuring they’re a controlled benefit of your business, rather than a way to lose control of your intellectual property. Take a look at these 7 recommendations to abstain from common security and privacy mistakes:
- Always update web browser privacy settings. Most often, collaboration tools are delivered through a public web browser, exposing the user to cookies, malware, plugins, and other unauthorized tracking. To be safe, use a collaboration tool that can be fully downloaded to a device rather than existing solely on the web.
- Require unique passwords. We recommend that companies require their employees to create a fresh, complex password that isn’t used for any other application. Instead of the common password changing model, consider using a recovery-key concept for lost devices.
- Employee training is key. Educate your employees on best practices for cyber-privacy when using collaboration apps. At Pegasus, we offer organizations security training to demonstrate expert security tips.
- Exclusively administer who has privileged access – Different individuals have varying levels of access to collaboration tools. Choose a platform that allows you to set up tight controls around what information users can see, set alerts when unpermitted accounts try to access information, and terminate access rights for an account that’s been compromised.
- Choose an encrypted solution. Most collaboration apps offer some degree of encryption, but you need to make sure they’re compliant with the strict standards of companies like HIPAA and PCI/DSS.
- Consider eliminating email summaries. Summaries of daily activity on collaboration platforms are typically sent to employees via email. If your email system has any vulnerabilities, or if summaries are going outside of employees’ company email setup, you’re opening the door for outsiders to step in. Choose a platform that provides “recent activities” summaries within the software, and opt out of email summary options.
- Beware of URL-related issues. Most hackers can find out which collaboration app you’re using by simply typing in “companyname.appname.com” into a URL browser. Likewise, many apps will pull metadata into URLs in the software itself, which can inadvertently expose your data. Choose a solution that enables your IT team to control a secure and customized URL structure.
Like any other aspect of your IT network, it’s vital to maintain high-security standards with collaboration apps to avoid revealing sensitive company and client data to hackers. At Pegasus, keep up with the latest trends regarding collaboration apps, and can give you guidance on which is best fit for your company’s structure. Reach out to one of our professionals today for more information!
