In the current climate, where many have shifted to working from home, collaboration software platforms have very quickly become the cornerstone of everyday life in business. Communication is vital for any team to succeed, and even more so when working remotely, meaning video conferencing apps and collaboration software platforms are facing increased usage. However, some platforms are starting to crack under the pressure of being used more frequently and by more people than ever before. Security incidents are becoming more common – resulting in distrust and uncertainty from the user community, who don’t know how vulnerable these systems are.

Cybercriminals see a golden opportunity in the current situation and seek to use new tactics to compromise private information. They exploit collaboration applications like Zoom to capture user credentials. Threat actors hijack the chat window available within these applications and entice users to click on phishing links through which login details can be stolen. There is then potential for an organisation’s network to be infiltrated and more damage to be caused with ransomware, data breaches, or credentials to be sold on the dark web.

Whilst IT and security teams are already stretched in these unprecedented times – trying to do more with fewer resources – they must not neglect the importance of securing collaboration software platforms. Adopting a layered approach to security and implementing multiple defensive measures is critical to secure the network. This is especially true now since IT professionals are facing the added risks of a remote workforce. The foundation of this approach is patching as part of a robust vulnerability management program.

The workforce is the core of any business, so a layered approach to security should also take employees and their actions into account. IT and security teams should ensure their workforce has a thorough understanding of any IT security risks and how to minimise them. The parameters should be especially clear while they are working remotely to ensure there are no weak links. This includes reminding employees that, despite working from home and potentially using their own devices, the cyber-risks remain the same and so they should take just as many precautions – if not more – as they would working on their office computer. With clear policies in place it is more likely employees will follow the rules.

Whilst businesses can take precautions to defend their network from the inside out, vendors and partners have access as insiders to the corporate infrastructure. Therefore, it is important to follow an audit framework that allows for a rigorous review of the mechanisms made available by the vendor to preserve and protect privacy while using the programme. Partners should also be reviewed to ensure they are following key security protocols and their software is kept up-to-date. 

This period of remote working looks set to continue and businesses simply can’t afford for security vigilance to decrease as time goes on. IT and security teams need to stay on top of their game to help businesses through this unprecedented crisis.