Getty Images
Addressing the Security Vulnerabilities of Internal Communication Platforms
Communication platforms have enabled organizations to work throughout the potential but have also opened to door to unauthorized access
More and more organizations across all sectors are using Slack and Microsoft Teams for remote collaboration and communication. The NHS in England, for example, has used Microsoft Teams to communicate and collaborate during the pandemic.
Major issues, however, afflict Slack and Teams, as they are potentially huge sieves of ePHI and HIPAA violations waiting to happen.
Consider the story of a large public health department. After turning on a HIPAA-compliant Slack protection service, they saw, to their surprise, the sheer amount of HIPAA-related content being shared, many of it accidental. They had no idea. After deploying the protection, they saw a 30-percent improvement in the use of data encryption.
Slack and Teams, however, offer no default tools to make the solution HIPAA compliant. Organizations have to be proactive. In fact, Slack says this in its documentation:
It’s worth asking: How many files, then, are floating around, unencrypted, for anyone to see?
If you’re not protecting yourself against account compromise or takeover, then bad actors can easily share medical data outside the organization.
Collaboration apps do a lot of good. With Teams, in particular, that’s becoming increasingly easy. As part of the larger Microsoft ecosystem, Teams is built specifically to make all of those tools easily accessible. It is built to have all of Microsoft’s tools used in your daily business activities. It’s easy to have increased collaboration across multiple locations and it even acts as a forum for levity and laughter during the workday.
This, once again, fosters collaboration and productivity. It’s also a gold mine for hackers.
Sharing information freely is great and speeds up business processes and decision-making. That same share-ability can lead to some bad outcomes, as well.
With one click, sensitive information can be forwarded outside the organization, either by mistake or deliberately. Whether an employee mistakenly forwards sensitive health information, or someone is hacked and the information is being released deliberately, it leads to HIPAA violations, loss of patient trust and so much more.
Additionally, users can share malicious links or malware without realizing it, and there are little to no protections against it. Given the general trust that employees have in these chat and collaboration platforms, anyone can click on a malicious link or download malware, with potentially grave consequences.
Because of the openness of these apps, and the ease in which you can connect other apps, there’s so much that hackers can access. For example, hackers, according to one study, are specifically using Microsoft 365’s eDiscovery tool to their advantage. Meant as a hub for searching across for organization, this study found that 56 percent of accounts demonstrated at least some suspicious behavior on eDiscovery.
If hackers start in email, they can easily move to Teams, SharePoint, and OneDrive. Or they can start in Teams and move to email. Because the ecosystem is so tightly woven, it’s fairly easy to infiltrate just one and get access to all the rest. Or, a hacker can start in Teams and move to SharePoint and never have to even touch email. There’s plenty of entry points.
Teams, in particular, is the ultimate East-West vector. External actors can be invited, create a free, legitimate account and go hunting for everything in that organization’s Microsoft ecosystem. Or they can compromise an account, not participate in chats but use Teams to scour the organization for goods.
In healthcare, the goods are plentiful. Some of the most sensitive data a person can have is shared with their doctor and healthcare providers. It goes beyond basic data like Social Security and addresses. It’s every blood test, every exam, every medication, and family history. Having that data released is damaging. It’s why hackers are so focused on infiltrating systems and getting data.
With more of that data now on Slack and Teams, it’s more opportunity to access and sell that information.
It’s why ensuring you have robust protection for Teams and Slack is critical—now more than ever.
_____________________________________________
About Avanan
Avanan is a cloud email and collaboration security platform that pioneered and patented a new approach to prevent sophisticated attacks. By deploying inline via API, Avanan is uniquely situated to catch and stop the sophisticated attacks, across all platforms, that evade default and advanced security solutions.