Five tips for securing Slack and Microsoft Teams | Panda Anku

Communication platforms are an essential part of how organizations work together today. They allow teams to work efficiently regardless of location – which has become increasingly important in recent years. Today, many online collaboration tools are offered as Software-as-a-Service (SaaS) solutions that make it easier for teams to communicate and collaborate. As these solutions have grown in importance, they have become a new target for attackers.

Platforms like Slack and Microsoft Teams have gained popularity around the world to improve collaboration and communication, and they bring with them the security challenges we’ve learned to expect when adopting innovative technologies. While the platforms themselves are secure — and both Slack and Teams offer robust security features — the way organizations use them can expose them to various types of attacks that exploit misconfigurations, insecure practices, third-party applications, and inevitable user error . Security teams are now finding it difficult to detect and respond to attacks on communication and collaboration platforms, hampered by limited security processes, lack of relevant skills and limitations of available technology.

cultural changes

The changes in the communication and knowledge management stack are also changing the culture in many organizations. In some organizations, Slack has become the primary communication channel — including document sharing, video calling, and chat. It replaces email for many tasks and embeds itself into users’ daily lives. Similarly, Teams includes a set of integrated solutions that provide all of these capabilities. The platforms are increasingly becoming primary sources of knowledge, replacing knowledge management repositories. Today, these platforms contain much more sensitive information than even the company’s email system or the internal knowledge management system.

security challenges

Like any other technology platform, Slack and Teams can serve as the basis for attacks that exploit built-in features, insecure usage, and misconfigurations. While email has an ecosystem of security solutions and known best practices, many newer communication platforms have only a subset of these security solutions and practices.

For too many years, phishing attacks have caused users to be suspicious of ordinary email, verify the authenticity of new email, and use chat platforms to verify the legitimacy of an unusual message. However, few users suspect messages from a colleague in Slack or Teams. This means an attacker can use a single compromised account, as was the case with the EA breach, to fool others and gain elevated privileges or access. In addition, open channels and groups encourage conversations, and messages shared there are stored indefinitely and are accessible to a compromised account. An attacker can scan these messages for information that they can exploit, such as: B. secret keys or passwords.

While Slack and Teams are excellent platforms that make business more efficient and collaborative, every platform we use – including email, file collaboration and video conferencing – comes with potential risks. Understanding and preparing for these risks can help organizations become more secure and resilient to these attacks.

Here are the five points that can help security teams prepare for a potential breach of Slack or Microsoft Teams:

The time the security team spends today thinking about the potential challenges and security risks of a security breach in their communication and collaboration platforms will help the organization prepare for it. These five tips will help if—or when—the organization’s communication and collaboration platforms are compromised by an attacker, and help the organization quickly get back to normal business operations.

Ofer Maor, Co-founder and Chief Technology Officer of Mitiga

Leave a Comment