
Article Contributed by Martin Cannard, VP of Product Management at Netwrix

Innovative workplace software is today at the forefront of team communication and collaboration. Since the start of the pandemic back in 2020, it has become a staple of business operations, boosting productivity, improving space efficiency, and driving a more positive employee experience.

The number of active monthly users in Microsoft Teams alone has skyrocketed to more than 270 million, with workers relying on the collaboration tool for everything from video calls to document sharing to instant messaging.

However, as we know, with increased use comes increased risk. Threat actors continue to find new ways to exploit beloved workplace tools to infiltrate IT systems and steal personal data belonging to both employees and customers.

Here are the most common security vulnerabilities associated with Microsoft Teams and the preventive measures that IT administrators can — and should — take to protect their organisation’s sensitive data from falling into the wrong hands.

Internal data sharing

Microsoft Teams enables users to quickly exchange files with colleagues. It’s fast and convenient, but not always safe. Some users will share sensitive information with people who shouldn’t see it.

The best way to mitigate this risk is to implement information barriers that prevent specific individuals or groups from communicating with each other. It’s also possible to allow communication while disabling file sharing, although this method won’t solve the problem of employees copying and pasting sensitive information from a document into a chat window.

Another option is to use data loss prevention settings to detect and block sharing based on specific content within a message, such as personal identification numbers or credit card details.

Sharing with guests

Microsoft Teams also enables employees to share information with external parties, such as vendors and clients. In particular, employees can share documents, participate in chats, and make and receive calls.

This feature is a huge bonus as it enhances collaboration, but it also increases the risk of sensitive data being shared inappropriately.

Again, data loss prevention tools are key here and should be used and considered widely. Microsoft has a great tool which enables you to tag documents that should be encrypted so that only certain individuals or groups can decrypt and open them.

This enables employees to freely share documents externally without the risk of the wrong people accessing them.

Phishing

Microsoft Teams is no stranger to standard marketing techniques – when a user is inactive for a while, it sends them a reminder email about messages that are waiting for their response, which contains a link to the platform.

As you might have guessed, this email can be exploited and replicated by cyber attackers. Because of this, it is critical that organisations' IT teams inform employees about the risk and train them to recognise such scams.

Although this basic step is often overlooked, it can really help organisations improve their online security and maintain system health.

Other valuable security measures

In addition to using the security features built into Microsoft Teams, it is recommended that activity within Teams should be well monitored by IT departments.

Ideally, organisations should be using the same solution that is used to audit other activity in their IT ecosystem, since that will enable them to classify data consistently and improve threat detection and response.

It is also important that IT teams keep in mind that Teams uses SharePoint Online for data storage, meaning extra attention must be paid to employees and their usage here.

In addition to this, a dedicated auditing solution can help IT teams stay informed about external user activity, spot suspicious changes before they turn into a breach, investigate incidents involving Teams data, and prove compliance to auditors.

When implementing security controls, IT professionals need to keep in mind that business users rely on platforms like Teams as a convenient way to interact with other people, whether they are in the office or based remotely.

If the restrictions are unreasonably tough, employees might switch to tools outside the corporate IT environment, which are harder to monitor and dramatically increase risks.

Therefore, it is crucial to seek a balance between security and productivity by finding reasonable limitations and rules – and tools – that work for both IT teams and business users.