The use of enterprise collaboration tools is growing by leaps and bounds. Today, an increasing number of workers use one or more of these tools — such as Zoom, Slack, Google Meet, Yammer, and Skype — in their day-to-day business activities.
Statistics illustrate the upward trend. In 2021, nearly 80% of workers reported using collaboration tools for work, according to a Gartner survey of over 10,000 employees at companies with 100 or more employees in the U.S., Europe, and Asia-Pacific. This marked an increase of 44% since the onset of the pandemic in 2019, demonstrating the meteoric rise in the popularity of collaboration tools as a solution for hybrid workplaces.
While organizations have enjoyed a variety of benefits enabled by these digital tools, enhanced information sharing has emerged as a double-edged sword. On one hand, companies welcome the increased teamwork, innovation, and productivity fostered by the greater exchange of data and ideas. On the other hand, as more information becomes easily available to employees and business associates on shared social tools, companies face an increased risk of security issues, including denial of service (DoS) attacks, data breaches, video conferencing disruptions, and other issues. In this blog, we’ll explore the top four security concerns facing enterprise collaboration tools in 2023 so you can stage a proactive approach to steer your teams clear of any potential pitfalls.
1. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks
In a denial of service (DoS) or a distributed denial of service (DDoS) attack — the latter of which involves attacks from multiple sources — bad actors flood their target with unwanted traffic with the goal of disrupting service or crashing their systems. Such attacks can last from hours to days and become costly quickly. According to cybersecurity company Kaspersky, DDoS attacks cost enterprises more than $2 million per attack on average.
These attacks have grown in number and sophistication over the years, and video conferencing platforms are a top target. More growth is on the horizon, according to Cisco, which projects that the number of DDoS attacks will double from 7.9 million in 2018 to 15.4 million by 2023 globally.
Fortunately, tools are being developed to secure companies from problems arising from these collaboration and communications networks. More information on these tools is discussed later in this blog.
During the pandemic, many people moved to remote work due to the risk of COVID-19 exposure. With this expansion came a new security risk, known as Zoombombing, where uninvited individuals hack into Zoom meetings and cause disruptions. Some of the Zoombombers have been students, seeking to disrupt online lectures, while other incidents have been more nefarious with some injecting racial epithets, sexist remarks, and graphic imagery into online meetings.
In one example, hackers infiltrated Zoom-carried public meetings and online classrooms in Michigan and disseminated explicit content. Prosecutors from the U.S. Department of Justice responded by announcing that they would prosecute persons found to be conducting such activities. Meanwhile, Zoom implemented new security measures to better safeguard users.
3. Data Leaks and Data Loss
As collaboration tool use grows, so do the number of security incidents and the cost of insider breaches, according to a 2022 Ponemon Institute study.
As the 2022 Cost of Insider Threats: Global Report shows, insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million.
Here are just a few highlights from the report:
- The cost of credential theft to organizations increased 65% from $2.79 million in 2020 to $4.6 million in 2022.
- The time to contain an insider threat incident increased from 77 days to 85 days, leading organizations to spend more on containment.
- Incidents that took more than 90 days to contain cost organizations an average of $17.19 million annually.
Such incidents can be accidental, caused by negligence, or may be malicious in nature. One example of a non-malicious, but nonetheless very concerning, data breach involved the U.S. Department of Veterans Affairs. The VA experienced problems due to an employee’s unapproved installation of Yammer, a communication tool, followed by the addition of other collaboration networks over time. An investigation by The Office of Inspector General in 2015 found unintentional security breaches by employees, including the sharing of VA members’ personal health information over the collaboration tools in their normal course of business.
While the specific number of data leaks resulting from the unsecured tool use could not be determined, the VA’s reputation was damaged as national news stories of the incident spread far and wide.
This example shows that ensuring employees are following protocols and only using authorized collaboration tools is key. Data records created by using collaboration tools are a prime target for cybercriminals looking to glean passwords and other proprietary information from the transmissions. From an internal standpoint, there’s also a greater chance for data loss since employees now have access to more data and information, leading to a higher chance that a data leak or deletion may occur.
How Enterprises Can Remain Safe
With pandemic-fueled increases in people working from home, accompanied by the relatively recent and growing use of workplace collaboration tools, many organizations have been caught off guard by the risks associated with widespread information sharing and are realizing they need enhanced security around the new tools being deployed.
In fact, some estimates hold that only 40% of companies have a proactive security strategy for their collaboration platforms. Furthermore, new risks are popping up all the time, so monitoring and responding to threats should be an ongoing effort.
If your organization is looking for assistance in enhancing security around enterprise collaboration tools, Maven Wave and Atos can help. As partners with Google Workspace, Maven Wave has helped some of the world’s largest enterprises transform their business through full-service, disruption-free deployment and migration to Google Workspace. With the Google Cloud Partner Specialization in Enterprise Collaboration under our belt, we’ve proven our expertise and success in building secure, reliable customer solutions with Google Workspace’s collection of cloud computing, productivity, and collaboration tools, software, and products.
Contact us today to learn how Maven Wave and Atos can secure your business’ perimeter and improve your company’s efficiency with Google Workspace.
ENTERPRISE COLLABORATION SECURITY
Get the latest industry news and insights delivered straight to your inbox.