Are Your Team Messages Secure

This creates a situation in which IT is the barrier to allowing employees to use team collaboration apps to improve internal and external collaboration. When IT finds itself in the role of “Dr. No,” users often go around IT and use the apps they want to use without IT consent or control. The nature of cloud applications, allowing anyone to register for a free or low-cost account via a Web or mobile app, makes it especially difficult for centralized IT teams to control non-authorized application use. The team messaging market continues to grow, with nearly 60% of the approximately 600 companies participating in Nemertes Research’s annual unified communications and collaboration study either already using or planning to deploy such apps by the end of 2019. As team collaboration evolves from simple chat into a digital workplace hub — integrating chat, calling, meetings, documents, and application data — cybersecurity and risk management professionals are beginning to pay close attention to how information contained within their team management environments is protected. Why Slack Should Be Concerned about Microsoft Teams Kevin Kieller July 25, 2019 Likable though he may be, Slack CEO Stewart Butterfield is missing the point about his company’s chief competition. Diving DeeperAt Enterprise Connect Orlando this month, we’ll dive more deeply into the challenges related to enterprise team messaging security. Please join me on Wednesday, March 20, in Osceola A at 3:00 p.m., for my session, “Securing Your Team Messaging Data.” The session will feature panelists from Cisco, Slack, Ribbon Communications, Symphony, and Oracle, who will talk about the risks, best practices for mitigating, and how team collaboration vendors are continuing to differentiate based on their security capabilities. I look forward to seeing you there! Be My Guest… Or Don’tAnother security area worrying IT leaders is how to extend team collaboration workspaces across company boundaries. Today, most rely on supporting guest accounts. It may be possible to lock down guest access to ensure, for example, that no files are sent to a guest and that the guest access terminates after a set period of time. However, the more worrying aspect of guest access security is the opportunity for an enterprise’s own employees, using a guest account on another company’s service, to inadvertently share sensitive documents, bypassing well-constructed approaches for information protection. Replacing guest accounts with federation approaches, either natively offered by a team collaboration vendor or by using services like NextPlane and Mio, may offer a better means of controlling this potential security risk. Holding the KeyOf those organizations using team collaboration applications, only about one-quarter export messages to an external archive for classification and retention. The rest rely on controls provided by the team messaging vendor to enforce content access and retention policies. This approach often leads to concerns about how the team collaboration vendor manages encryption keys to control data access. Log in or register to post comments Taming Teams: Where’s My Data? Kevin Kieller July 02, 2019 This simple storage question has a complex answer that any multinational organization considering Teams needs to explore. Slack Debuts New Enterprise Security Controls Beth Schultz August 06, 2019 Enhancements aim to provide the ability to deploy Slack at enterprise scale in “safe, secure, and centralized way.” If you haven’t gotten your pass yet for Enterprise Connect, taking place March 18 to 21 at the Gaylord Palms in Orlando, Fla., it’s not too late! Register now using the code NJPOSTS to save $200 off your conference pass!Tags:News & ViewsNemertes Researchcybersecurityrisk managementencryption keysguest accessTeam Collaboration Tools & WorkspacesCloud CommunicationsMessagingSecurity Articles You Might Like Beyond retention, encryption, and guest accounts comes the challenge of implementing integrations between business applications and team collaboration apps. Here, cybersecurity professionals are looking for approaches that not only control access, but can also identify potential hack attempts, both internally and externally. cloudsecurity_774.png Over the last year we’ve seen significant efforts by vendors to differentiate themselves based on their security model, and their options for encryption key management. For example, Cisco and Symphony tout their end-to-end encryption models that provide customers with the ability to hold their own keys, or in the case of Symphony, place those keys into a third-party escrow. ArmorText focuses on high security applications, with flexibility to maintain access to message stores even if a single device is lost or compromised. More recently, Slack, at its 2018 Frontiers events, announced plans to allow Enterprise Grid customers to manage keys via AWS’s key management capabilities (see related coverage, “Slack and Zoom: Bottoms Up”). The ability for organizations to manage their own encryption keys means that in theory, the customer can restrict its application provider from accessing its team messaging data, alleviating a big enterprise concern around moving sensitive communications to the cloud. Nemertes’ data shows that security concerns are currently the biggest inhibitor to team collaboration adoption. As most market-leading services are cloud-based, some organizations — especially those in regulated industries or those that deal with classified information — are still reluctant to, or unable to leverage team collaboration due to internal prohibitions on the use of cloud-based services. Taming Teams: Microsoft Looks to Inspire Partners Kevin Kieller July 16, 2019 Pushes the multiplier effect of the cloud, and highlights embedded Teams capabilities See All in Team Collaboration Tools & Workspaces » Slack Modernizes Desktop Client Beth Schultz July 22, 2019 Touts greater efficiency, responsiveness, and reliability… all of which should help workers be more productive. read more