The security of sensitive data has always been a major concern among enterprises. With the advent of the COVID-19 pandemic, managing the security of this critical resource has become a bigger challenge
A survey conducted by Gartner showed that around 88% of enterprises have encouraged or mandated employees to work from home during the COVID-19 crisis. This transition has resulted in many organizations to adopting cloud-based collaboration platforms such as Microsoft Teams and Slack.
These collaboration and productivity tools have helped organizations sustain their business operations and in some cases, have even improved communication and productivity. But adoption of these tools comes at a cost of vulnerability.
This rapid transition to remote working has opened doors for hackers to get access to confidential data and compromise the data. Inadvertent oversights by employees, sharing sensitive information over collaboration platforms, can hurt an enterprise’s business operation and reputation.
Read More: Cloud Security – Three Common Mistakes CISOs Can Avoid
Hence, it is essential for organizations to assess the feasibility of more flexible yet secure platforms, and arm their employees with the best security practices. A few questionable practices that can compromise an enterprise’s security are:
Sharing of sensitive documents
When employees use a collaboration platform for discussing goals, exchanging files and other work-related purposes, the data could be stored on-prem or on the cloud. Also, to streamline the discovery process of opening a file, employees often end up storing them in their hard drives, which lacks protection against these threats and is prone to corruption. This means when attackers are successfully able to breach these platforms they can easily access this information.
Therefore, Enterprises must assess their cloud provider and see whether they comply with standards such as ISO 27000. Moreover, companies should empower their employees with tools they need to access the company data securely. Additionally, labeling data as, ‘sensitive’ or ‘confidential’ will make employees more attentive before sharing them over collaboration platforms.
Errors and negligence
Employee negligence and errors are some of the potential factors that can breach an Enterprise’s network. In fact, a report published by Ponemon concluded that 62% of all insider breaches within a company were caused by employees’ errors and negligence.
A common example is exchanging passwords or sensitive information via cloud collaboration tools to speed up their work process. An increase in such unauthorized activities can compromise data and can levy hefty compliance fines.
Clearly, to eliminate risky practices before they develop a strong root in the organization’s business operations, enterprises should make it as easy as possible for employees to access the corporate resources they need to perform their duties. Apart from these, training employees about basic security practices such as secure data sharing can go a long way when it comes to data protection.
Read More: 3 Expert Recommendations to Manage Third-Party Cyber Security Risks
Using Personal Devices
It is easier for enterprises to encrypt data access and to keep devices up-to-date with patches if an employee is using their corporate laptops or computers. However, when the employees start to use their personal devices for work jobs, organizations have little control over the device’s security. A single such unprotected device can jeopardize the organization’s data security and infrastructure.
To tackle this problem, enterprise should regularly assess the spikes in the log activity of employees. If there are any suspicious activities conducted such as high traffic over the network, it can help to detect the attacks at an early stage. Also, by installing endpoint protection tools and patching all corporate devices, mitigate the security risks associated with cyber threats.
With the increased adoption of remote working, the security challenges faced by an organization are rising as well. Though the collaboration tools pose a security risk to enterprises, effectively using these tools and following the best practices can improve the security, as well as enhance the business operation.
