Zoom, Microsoft Teams – Slack: Have IT Risks Increased
2020 is a year that in some ways will have changed professional behaviour.
Due to several redevelopments, the adoption of telework massively, the use of video conferencing applications has also increased significantly. The question then is whether this increase in remote collaboration applications would not be more risky.
This article will also interest you: Zoom: the priority of the next 90 days, user safety
In a way, whether it's Zoom or Microsoft Teams, these applications aren't dangerous to use. The problem is that when it comes to it, there is no such thing as zero risk. Somehow tiny digital is vulnerable. As a result, when applications are used on devices that are not adequately protected, hackers then see the gateway for their cyber-malveillance action. With telework adopted massively, it's gateway have multiplied. This coincides in particular with the increase in cyber-malicious acts or hacking attempts. "These next-generation communication applications are more unlocked entry doors for a hacker if they are on an unsecured machine, such as a personal device (private computer, mobile phone), or a computer that is not up to date (antivirus, OS, etc.). Indeed, the interconnection of applications, coupled with a poorly secured machine, presents a major risk to the security of companies. wrote Jacques-Bruno Delaroche, Pre-Sales Engineer at Exclusive Networks.
Examples include applications provided by Microsoft. These are tools that as a whole are connected to each other. It only takes a configuration error or a security weakness for access, so that a cybercriminal can access the contents of a device and steal all the data produced or generated by its applications. In some measures, it will be able to access the cloud of these targets. "While interconnected, local access to a machine provides access to files and folders stored in SaaS.
In this configuration, couriers are widely used by companies… and therefore all the more attacked because they remain potentially open doors to other web app. Jacques-Bruno Delaroche, Pre-sales engineer at Exclusive Networks.
The real challenge at this level is to raise awareness among the various players involved in this hasty and almost forced digital transformation. To begin with, good digital hygiene practices should be encouraged. To do this, you will have to follow three important steps.
The first step will be to identify the necessary applications. Indeed, telework means remote collaboration applications. These applications are necessarily integrated into the work chain to facilitate exchanges between staff and administration. The idea is to select from all these applications used, the ones that are needed and those that are not. Such an organization minimizes the risks and vectors of attack.
The second step is to make decisions to facilitate remote collaboration. For example, it will be necessary to know what good practices should be adopted to make trade safer. The idea is to minimize the vectors of attacks that could benefit cyber criminals. Take, for example, the use of VPN networks. The significant reduction in technologies used in telework. "The more you increase the technology, the more you increase the attack surface and the more you drown the user. Thus, companies must choose at all SAAS with enhanced authentication measures, or VPN by repealing the use of cloud applications. observes the Engineer of Exclusive Networks.
"For a long time, the implementation of business continuity plans has been pushed back by companies. Today, containment and "forced" telework are, for them, an electroshock. Containment has only accelerated the transition of companies to telecommuting.Today, it is up to them to secure their tools by knowing their needs. concludes Jacques-Bruno Delaroche, Pre-sales engineer at Exclusive Networks.
Now access an unlimited number of passwords: