Corporations have been quick to adopt collaboration and communications applications – specifically Slack and Teams – and the shift to hybrid and remote workforces due to the pandemic accelerated that adoption further. If your company is using these SaaS solutions, be aware that there are security concerns that are not easily addressed with the native security features these applications provide. You’ll face significant challenges trying to shut down access to corporate files and data that may be inadvertently shared through Slack or Teams. Here’s a closer look at the issue and a possible solution:
Most likely your company, like so many others, needed to find new ways to communicate and collaborate with internal and external partners when Covid-19 scattered workers from their offices to their homes. Benefiting greatly from this shift were Slack (42% growth in paying customers from one year to the next) and Microsoft’s Teams (from 32 million to 145 million daily active users in a year).
Companies found themselves sharing files and data via these SaaS applications with not only internal employees, but with consultants, external agencies, freelance workers, suppliers and whomever else they needed to partner with to get the work done. New channels were added, as well, to funnel information to specific parties – all with minimal-to-no oversight by security and IT teams.
Of course, there’s good reason to encourage collaboration; it’s a mainstay of doing business now. But the problem is that too many businesses fail to see the risks they run when relying heavily on SaaS applications such as Slack and Teams.
SaaS data exposure risks arise from seemingly benign activities:
While both Slack and Teams have security features built in to protect the applications themselves from external threats, they are not well equipped to address the dangers posed by the common sharing actions just described. No native tools exist to help the IT or security team determine the answers to a variety of practical questions:
Teams does offer some ability to address these issues through native security features. But as we discussed in our blog about the unrealistic manual effort needed to secure multiple SaaS applications, your team likely will still have to find a way to control data access provided by any number of other SaaS apps besides those produced by Microsoft.
And even so, it takes significant effort to shut down access because there’s very little automation for the actions required. In short, the IT/security teams would need to review each channel and user manually to determine what needs to be closed. More perniciously, sharing provided through a user will remain in Slack or Teams, even when the user has been deleted.
With DoControl, all the manual work that would be required to shut off unwanted or outdated access gained through Slack and Teams can be automated. You can quickly determine which channels no longer should be open, which files and data access points remaining after a user has left should be shut down, and what other vulnerabilities you’re facing. And even better, all can be addressed with automated processes that will save considerable time and effort and help keep your company safe.
To learn more about how DoControl can save you time and costs in shutting down unwanted access in not just Slack and Teams but all major SaaS applications, get in touch with us.
This stat comes from the industry report we published earlier this year: The Immense Risk of Unmanaged SaaS Data Access. It’s a great read. We recommend you check it out.