After the notoriety of Zoom users being “Zoom-bombed”, it is time to start looking at alternatives to collaborative software tools. One tool that continues to gain popularity is Microsoft Teams.
Because of the security issues surrounding Zoom, it begs the question: How secure are tools like Microsoft Teams? The answer is that the software is more secure than Zoom, however, nothing is immune from cyberattacks.
Collaboration tools in general provide a treasure trove of data that tempt cybercriminals of all types to scale the fortress walls in order to gain access. And to add, people are not being as security minded as they should be due to outside stressors. The factors combined create a recipe for breaches and potential disaster.
Microsoft Teams has different features, openings, and back doors that attackers are looking to exploit.
For instance, the platform allows the granting of “Guest Access”. This can actually be a particularly useful feature. Guest Access allows external individuals to join an internal team. This is ideal for sub-contractors and other third-party co-workers, but it enables other possibly unscrupulous people to be invited into the team. Once given admission, the guest has access to all of the team information and chat conversations including shared files. Granted, Guest Access can be disabled but the default setting is to keep this feature open.
The developers of Microsoft Teams are responsible for their own security issues of possible bugs and easy-to-attack features. Overall though, Microsoft Teams clearly has the upper hand since they are surrounded by the entire security measures within Microsoft Office 365 including audit trails and supervision monitoring.
The main security issue for all collaboration software, is that they are just as exposed as email to phishing and other types of e-mail based cyberattacks. Exactly as with email, cybercriminals can use these attacks to deliver malware, steal credentials and more. Once they have access to the software, they can sync to the employee’s devices, download viruses and malware, send more attacks, access the networks and worse. They can even masquerade as the employee in chats and emails.
The biggest takeaway is that employees need to be as vigilant within their collaboration software as they are in any other environment. They need to be aware that just because they are using a different method of communication, they still need to be wary and responsible of sharing private information.
When considering the differences and security concerns surrounding collaboration software, contact our cybersecurity experts at MidnightBlue. We can assess your needs, configure your systems, guide you through policy creation and support your users. Contact us today for help.