According to a recent survey, many global IT policymakers consider Corporate communication and collaboration (EC&C) apps as vulnerable to cyber attacks, such as Slack, Dropbox, etc. The survey was carried out by the Israeli cybersecurity firm Perception Point and comprised 500 respondents from various industries. The respondents are medium and large businesses with over 1000 workers. This survey covered EC&C apps (Slack, Microsoft Teams, etc.), corporate social networking (Yammer, Jive, etc.), virtual workspaces shared (IntraLinks, SharePoint, etc.) and the sharing and sync of file applications (Dropbox, OneDrive, etc.).
“Yoram Salinger, the CEO of Perception Point, informs Channel Partners that EC&C apps such as popular drives and texting are usually not enhanced with advanced safety measures, as opposed to email. “It ensures that files and URLs on these networks are not searched thoroughly for malicious content,” he said. “Intrusions may occur when users interact on unmanaged endpoints with third parties, by hackers using impersonating technologies, and even by insider threats that have easy access. IT departments must be mindful that their attack surface increases with the introduction of these applications. While the business productivity tools, shared drives, messaging, files or URLs that are exchanged remain extremely important, they need to be as secure as the email. “Almost 80 per cent of organizations had between 2 and 10 of those applications; 90 per cent of all surveyed respondents stated that the usage of these EC&C apps had increased for the last year. Most interestingly, 75% of respondents decided to invest in more of these applications in the near future. This is to be viewed with some caution because most of these apps do not have advanced protection, as Yoram Salinger points out. Notice that nearly 80% of all survey respondents have reported that flash drives and messaging channels have been used to share files, URLs etc. by workers in their organisations. This is because information sent via these shared drives and messaging platforms is mostly left unscanned by the existing security tools.
The survey report also shows that two-thirds of the companies covered by the survey had at least once in the past year faced a cyber attack. 78% of businesses agree that the attacks are increasingly sophisticated and that hackers do not use advanced hacking techniques to exploit vulnerabilities. We can also bypass the stronger access points (such as email) very often. It seems that cyber criminals are also targeting emails on these insecure networks (EC&C apps). Organizations should therefore definitely think about ways of protecting these platforms.
The survey report also shows something very interesting. Of all the companies covered in the survey, only 5% use their integrated protection from outside security vendors. While hackers attacked these applications, businesses and cybersecurity teams seem to be a little indifferent in protecting them. There seems to be more debate about these, and only these discussions could perhaps reinforce protections for these networks by businesses.
Yoram Salinger, CEO of Perception points, quotes the Channel Partners report once again, “It is now a big chance for IT to exploit the move to the cloud to rationalize security portfolios using more comprehensive, agile approaches that are able to keep pace with hacker developments and secure multiple channels without increasing costs, complexity or waiting. IT needs to start implementing strategies for the cloud business, while staying relevant to today and tomorrow’s threats.