SafeGuard Cyber Blog

Secure Teams and Slack from Chat Communication Risks | Blog

Written by George Kamide | Oct 17, 2019 4:00:00 AM

Organizations have embraced collaboration and chat communication tools, like Microsoft Teams, for their efficiency with file sharing and teamwork. But is Microsoft Teams secure?

According to Microsoft, the Teams platform encrypts network communications by default. Microsoft Teams chat security uses a combined approach of OAUTH, Transport Layer Security (TLS), and Secure Real-Time Transport Protocol (SRTP) to protect all Teams data. To further secure Teams chats and all information contained within, Microsoft implements team-wide and organization-wide two-factor authentication, and single sign-on through Active Directory, on top of data encryption.

However, cybersecurity experts aren’t exactly convinced of Microsoft Teams security measures. A cybersecurity research firm recently unearthed a potentially critical flaw that further adds to Microsoft Teams security risks. According to the report, authentication tokens in the Teams desktop version are stored in plain text, rendering them exposed to third-party attacks.

As more users adopt applications like Microsoft Teams, organizations become more vulnerable to security and compliance risks. Here’s why securing Teams from risks in chat communications should be a priority for your enterprise. This blog focusses solely on Microsoft Teams but if you're organization uses Slack instead, you can head over here to learn more about securing Slack.

The Risks of Teams and Slack

Both Teams and Slack have seen massive jumps in their user base since the start of 2020. Teams has doubled the number of its user base, from 75 million in April 2020, to 145 million in 2021. However, both chat communication and collaboration tools have seen their share of incidents, as well. Most recent are the EA Games data breach, which happened through a Slack API exploit, and the zero-day vulnerability discovered in Teams that could have allowed attackers to create malicious Power Apps tabs.

Teams often think about these risks in terms of file sharing (data loss, exposing PII, etc.), but overlook chats. Slack, on the other hand, is constantly discovering vulnerabilities in their system. Case in point: Cisco’s threat intelligence unit Talos warns that bad actors have been leveraging the file sharing capabilities of apps like Slack to distribute malware.

Gaps in Collaboration Security

A study conducted by Metrigy around workplace collaboration for the years 2021-2022 reveals some worrisome data in terms of security. Key points discussed in the report include:

  • Only 11.2% of companies plan to return to the office full-time.
  • 45.5% of companies say they have experienced problems with their home office security (compared to 24.5% who experienced problems with security at the office).
  • 36.1% say their VPN connection was found to be the cause of their WFH technology problems that caused a problem with connectivity or application access.

With the majority of companies having no plans yet of returning to the office environment soon, most workers are stuck with their non-secure internet connections at home. And even though they use VPNs as a security measure, 25.2% of respondents say security is not as strong at home as it is in their office.

This setup also encourages the use of unauthorized devices and guest users. Employees who access their network using their personal laptops or smartphones or use Teams with different accounts further expand the attack surface, which is among the biggest Microsoft Teams risks.

This effectively widens the risk surface and degrades collaboration security for Teams and Slack users. Especially since most employees use the chat function on both apps for office-related collaboration and quick chats.

For example: an employee might send a team member a link to the proposal they are working on in Slack. Then follow up with a link to a GIF about how tired and hungry they are.

As a company, your focus might be on policies that ensure the proposal is in line with compliance regulations and is not shared externally. But what is overlooked is the threats posed by the shared GIF. What if that GIF was actually embedded with malware?

Whether or not your employee shared that malicious link on purpose, your organization is compromised.

Guide: Learn everything you need to know about spear phishing.

Securing Microsoft Teams and Slack

Malware isn’t the only concern when it comes to messages. Chats on Teams and Slack may also risk compliance violations, legal exposure, and data loss. These risks do not outweigh the benefits of using the chat functionality.

This means securing Slack and Teams entails organizations to gain visibility across the entire collaboration network - messages, files, snippets, and more - to ensure they are protected.

But that is a lot of data to capture and protect, especially when you include chat messages. The quantity of chats alone can result in thousands of messages per day. It’s also common for organizations to adopt multiple collaboration tools to address the needs of individual teams.

To establish scalable collaboration security, automation solutions are necessary to help organizations scale with the volume of digital data creation.

For example, we’ve helped an insurance firm protect communications across SharePoint, Yammer, and Slack for 20K+ users. With automation and machine learning, we consolidated all communications into one platform. Security and compliance policies were extended to all messages to ensure that all content was consistent with internal policies (FINRA, PII, and data loss), while capturing full audit trails.

Teams and Slack are just two of the many collaboration apps and platforms that your company could be using. Yet, the key principles involved in protecting them remain the same: visibility across the entire network, and automated policies and solutions that scale as your business (and your apps grow).

Guide: You can protect chats on tools like Teams and Slack
with proactive digital risk protection.