Before the pandemic, the business world took for granted that the vast majority of knowledge workers would be working in corporate offices most of the time. In the post-pandemic world, however, many employees can work from anywhere, at any time, and on any device with an internet connection.
When COVID-19 work-at-home mandates took effect around the world in early 2020, organizations rushed to adopt online collaboration tools. With capabilities ranging from voice- and videoconferencing to document co-authoring and project tracking, these tools helped teams communicate, work together, and share updates on various projects and initiatives from home or anywhere else.
While some companies are now encouraging or even mandating a return to in-office work for many employees, collaboration tools remain crucial for business operations. They’ve become a fundamental part of doing business with people working in multiple locations, both inside companies and externally with customers, suppliers, and other third parties, said Doug Glair, director of cybersecurity at technology research and advisory firm ISG. As such, companies need to ensure that their collaboration tools are resilient, easy to use, and secure, given their critical value to the business, Glair said.
But even though organizations have been using collaboration tools for several years, they’re still making the same security mistakes as in the early days of the pandemic, say experts.
One of the main reasons is that collaboration tools are often spun up within business units and not company-wide, according to Avani Desai, CEO of Schellman, a cybersecurity assessment firm. “Maybe I want to use Asana, and someone else wants to use SharePoint, and someone else wants to use Jira, and the executive team wants to use another tool — so user access isn’t granted on an enterprise level,” she said. “User access has been an issue for years, and it continues to be an issue.”
Gartner analyst Patrick Hevesi agreed with Desai’s assessment. “Let’s say your corporate standard is Microsoft 365, or G Suite, or whatever, but somebody else in the company wants to use Slack,” he said. “People are adding more collaboration tools without the authority of the IT security organization.”
What’s more, organizations that adopt collaboration platforms such as Microsoft Teams, Slack, Box, Dropbox, GitHub, Jira, Asana, and others are often focused on the productivity benefits. Securing these platforms, communications, and the data that they share is typically an afterthought — if it’s thought about at all, said Jay Martin, security practice lead at managed services firm GreenPages Technology Solutions.
“Making them more secure is essential to protecting the organization from threat actors seeking an entry point to proprietary information, financial data, intellectual property, and more,” he said.
Computerworld asked tech industry analysts, IT service providers,…
2023-07-12 02:48:02
Post from www.computerworld.com rnrn