CONTRIBUTED ARTICLE
By Martin Cannard, VP of Product Management at Netwrix
Innovative workplace software has been a boon to communication and productivity. Since the pandemic started, the number of active monthly users in Microsoft Teams has skyrocketed to 270 million, with workers relying on it for videocalls, document sharing, instant messages and funny memes.
However, with increased use comes increased risk. Here are the most common security vulnerabilities associated with Microsoft Teams and the preventive measures that IT administrators can — and should — take to protect their organization’s sensitive data from falling into the wrong hands.
Internal Data Sharing
Microsoft Teams enables users to quickly exchange files with colleagues. It’s fast and convenient, but not always safe. Some users will share sensitive information with people who shouldn’t see it.
The best way to mitigate this risk is to implement information barriers that prevent specific individuals or groups from communicating with each other. It’s also possible to allow communication while disabling file sharing, although this method won’t solve the problem of employees copying and pasting sensitive information from a document into a chat window.
Another option is to use data loss prevention settings to detect and block sharing based on specific content within a message, such as Social Security numbers or credit card details.
Sharing with Guests
Microsoft Teams also enables employees to share information with external parties, such as vendors and clients. In particular, employees can share documents, participate in chats, and make and receive calls. This feature enhances collaboration, but increases the risk of sensitive data being shared inappropriately.
Again, data loss prevention tools can help. Microsoft enables you to tag documents that should be encrypted so that only certain individuals or groups can decrypt and open them. This enables employees to freely share documents externally without the risk of the wrong people accessing them.
Phishing
Teams is no stranger to standard marketing techniques: When a user is inactive for a while, it sends them a reminder email about messages that are waiting for their response, which contains a link to the platform. As you might have guessed, this email can be forged by cyber attackers.
The IT team has to inform employees about this risk and train them to recognize such scams. Although this basic step is often overlooked, it can really help organizations improve their online security and maintain system health.
Other valuable security measures
In addition to using the security features built into Microsoft Teams, we suggest monitoring activity in Teams. Ideally, you should use the same solution you use to audit other activity in your IT ecosystem, since that will enable you to classify data consistently and improve threat detection and response. Keep in mind that Teams uses SharePoint Online for data storage.
In addition, a dedicated auditing solution can help IT teams stay informed about external user activity, spot suspicious changes before they turn into a breach, investigate incidents involving Teams data, and prove compliance to auditors.
Conclusion
When implementing security controls, IT pros need to keep in mind that business users rely on platforms like Teams as a convenient way to interact with other people. If the restrictions are unreasonably tough, employees might switch to tools outside the corporate IT environment, which dramatically increases risks. Accordingly, it’s wise to seek a balance between security and productivity by finding reasonable limitations and rules – and tools – that work for both IT teams and business users.
About the Author – Martin Cannard is VP of Product Strategy at Netwrix. Martin is an accomplished executive/product manager with a 30-year track record of success from startups to enterprise software organizations, specifically in the privileged account management and identity and access management space.
CONTRIBUTED ARTICLE
