The Need for Cloud-Based Communication App Security

Enterprises have become increasingly dependent on collaboration, social media, and digital communication applications for everyday productivity, customer engagement, and growth.

With this dependency comes the need to secure these apps against various digital threats: third-party risks, malware, social engineering, insider threats, data loss, and compliance violations.

This is why all enterprises require watertight security for their cloud-based communication applications.

You might be planning on considering such security measures for your enterprise, but find that evaluating technology in today’s market can be quite challenging. In that case, how do you choose the right security solution for your use cases? Which capabilities will solve your problems today and enable new business opportunities tomorrow?

"You need to have an inventory of your software, and an inventory of where your sensitive information is located. What applications are those in? You need to have cybersecurity policies that ensure your users understand how and what appropriate usage is."

Frosty Walker, CEO
ATX Cybersecurity Strategies

PODCAST_S02_E23_FrostyWalker_v04

Expanded Risk Surfaces

For many companies, third-party cloud apps have made their lives easier. However, with these applications come digital risks that, if overlooked, can spell disaster for an enterprise.

For one, these tools often live outside the traditional security perimeter. The volume and velocity of data that goes through these third-party apps easily overwhelms traditional security measures and responses. Because of this, companies lack visibility into these apps, which threat actors can exploit.

Understanding risk across multiple lines of business is imperative when determining what solution is best for your enterprise. A significant part of that is determining which areas expand your risk surfaces.

An organization would do well to identify all digital apps and areas of asset exposure with regards to their digital engagement strategy. Here is an overview of the third-party apps that the world’s leading companies typically rely upon:

  • Collaboration Platforms - particularly Microsoft Teams, Slack, Zoom, Yammer, and the like.
  • Social Media - these include all corporate & brand accounts, key executive & employee accounts (and even personal accounts used for customer engagement) on LinkedIn, Facebook, Instagram, and Twitter, among others.
  • Mobile Chat - includes all employee use of personal accounts in apps like Facebook Messenger, WhatsApp, WeChat, and Telegram for corporate business and customer engagement.
  • Enterprise Applications - software solutions that provide business capabilities and tools that are often used collectively by an organization. Key business applications include Microsoft Office 365, Salesforce, and Veeva.

Other areas that may expand an organization’s risk surfaces include:

  • Surface Web & App Store Recon - An organization needs to identify the importance of achieving visibility to general public web search engines.
  • Dark Web Recon - This includes the need to discover compromised credentials and digital assets that may exist on the dark web, paste bins and other sites, regardless of intention.
spacing-1

An organization would do well to identify all digital apps and areas of asset exposure with regards to their digital engagement strategy. Here is an overview of the third-party apps that the world’s leading companies typically rely upon:

"FBI reporting has indicated a recent increase in PYSA ransomware targeting education institutions in 12 US states and the United Kingdom. The unidentified cyber actors have specifically targeted higher education, K-12 schools, and seminaries."

Federal Bureau of Investigation
Cyber Division Report - March 2021

ComplianceDoc_Light

Threats to Communication Apps

There are various digital risk threat vectors that cybercriminals use to steal information and resources from organizations. Here are some of the most common ones:

 

Remediation_DarkSocial Engineering
 

Social engineering is an attack vector that relies heavily on human interaction. It often involves manipulating people into breaking normal security procedures and best practices, in order to gain resources (including money or cryptocurrencies) or unauthorized access to networks, systems, or physical locations.

Some common instances of social engineering include:

  • Phishing
  • Spear-phishing
  • Whaling
  • Business email/communication compromise (BEC and BCC)
  • Pharming
Malware_DarkRansomware
 

This is a sophisticated form of malware attack that puts critical data at risk of theft or destruction while rendering IT systems inoperable. Attackers then contact the victim and demand “ransom” in exchange for the safety of their files, or a decryption key that unlocks the system.

Some forms of ransomware attacks include:

  • Crypto-malware
  • Scareware
  • Doxware/Leakware
  • Ransomware-as-a-Service (RaaS)
  • Data Extortion

 

Insider_DarkInsider Threats
 

76% of high-tech executives are concerned about insider threats. Across industries, every single year, billions of private records are breached. Almost 90% are compromised via insiders, both malicious and accidental. Outsourced service providers, contractors, and consultants are common points of ingress or egress. Disgruntled former employees can also do a lot of damage.

spacing-1
Collaboration Security Solutions Brief

Collaboration Security Solutions Brief

Get the solutions brief to learn how to protect against third-party risk, social engineering, ransomware, and insider threats. 

Download Now

Threat_DarkCompliance Violations
 

The volume and velocity of digital communications creates significant risk exposure to heavy fines & penalties, litigation expense, and/or reputation damage. This is especially true for heavily-regulated industries and enterprises such as financial services (finserv), pharmaceutical companies, and healthcare institutions.

Moreover, the need for visibility across all their apps and platforms requires the archiving of significant data for legal discovery. This allows companies to cover their bases and stay compliant to laws and regulations.

Robust compliance protection should include the ability to prioritize and quarantine high-risk violations. This also includes capturing, analyzing, and archiving all direct chats and app group conversations that might contain potential compliance-based violations.

 

BrandDamage_DarkThird-Party Risks
 

Aside from compliance violations, other third-party risks can cause devastating effects to an organization.

Data breaches brought about by third-party vulnerabilities can cause millions, if not billions, of dollars in loss, as attested by the Colonial Pipeline exploit which happened in 2021. Brand and reputation damage can also come from these risks, especially when the brand in question has been a victim of compromise multiple times.

"Adding channels to your communication is not as easy as 'I'm going on TikTok now.' Adding channels to your communication means asking yourself, 'Okay, what happens if that gets compromised?'"

Lee Caraher
Founder and CEO at Double Forte PR

PODCAST_S02_E26_LeeCaraher_v04-2

Features of a Cloud Communication Apps Security Solution

When evaluating security solutions for your cloud apps, it is critical that you understand how solutions are differentiated. The following are critical features of a comprehensive security solution:

 

API-Connectors_DarkDedicated API architecture

 

A comprehensive app security solution must have an ability to quarantine malicious content, mitigate data loss, and stop malware. It must also be capable of no-hassle agentless deployment and two-way calls.

 

Authorization_DarkAccount Authorization

 

In terms of account authorization, no credentials should be stored within the solution’s system. Rather, access should come with an opt-in structure.

 

Protect_DarkDetection & Response

 

An extensive solution should have visibility into risks at the group and individual messaging level with the capability to detect and respond quickly. Message contents can and should be masked to balance employees’ privacy with an organization’s security needs.

 

Policy_DarkCustomizable and Automated Policy Engine

 

Policies that supervise the threat detection and remediation response should be customizable at admin level. Its distributed policy supervision should also have the ability to:

  • distinguish user groups;
  • apply policies selectively to different groups, and;
  • designate different reviewers for each group.

 

Quarantine_DarkMachine Learning Risk Analytics

 

With the help of machine learning, an exceptional security solution should be language agnostic, enabling multi-region readiness, and scalability. Configurable and transparent for auditable environments, an ML-powered solution can determine which risks to prioritize and respond to first. Behavioral analytics should also be available.

 

Visibility_DarkAdvanced Malware Detection

 

Most malwares today operate on delayed release algorithms. Sandboxing and forced execution of all possible malware code paths must be performed to detect and stop evasive zero-day attacks.

"In security, to be really good at the defense, you have to understand the offense."

Dr. Eric Cole
CEO, Secure Anchor

PODCAST_S02_E22_Dr.EricCole_v04-1

How to Choose the Right Solution

Whether you’re focused on a single objective (such as stopping ransomware) or something more broad (such as enabling new communication tools), communication apps can create different risks across enterprise teams.

Selecting the right communication security solution requires a certain level of insight into your own business:

  • Which tools and applications do you rely on that come with the greatest risk surface?
  • What kind/level of protection does your business need?
  • Which qualities, features, or benefits do you prioritize?

Once you determine those, it will be easy to find the right solution for you. Still, as your security and business objectives will only continue to grow, the solution you invest in should support immediate goals and the ones that lay ahead. Preferably, one that is capable of all the critical features of a powerful and comprehensive application security solution.

 

LEAD BUSINESS CHANGE WITH STRATEGIC PLANNING
 
Only 31% of organizations have a documented process for requesting a new app to be added to the approved list.
 

SafeGuardCyber Survey April, 2019

Executive
Information security is no longer just an IT issue. It’s an enterprise risk that affects every employee and every customer and, ultimately, the viability of the organization. Executives who lead business change do so by sitting down in the boardroom to give their fellow executives the confidence to make informed decisions around innovation and risk. They can bring the risk closer to home by conducting simulations, but it’s equally important that everyone around the table knows that the business cost of not using modern technology is often even higher than innovating quickly. Some studies placing the cost of failing to innovate at a 24% reduction in profitability.8
 
One of the best ways to lead business change is to embed information security team members in all core business processes. In larger companies, CISOs should delegate certain operations to specialists in each department who, in turn, report to executive management as part of an overarching information security strategy. This approach will not only help ensure that all corporate assets are accounted for; it will also help simplify risk management to drive faster innovation. By engaging with every facet of the organization, security teams will be better placed to lead business change and establish long-term development goals that help transform information security from a mere necessity to a growth enabler.
 
Final Words
As businesses strive to keep pace with evolving customer demands, they are under constant pressure to adopt a proactive stance to information security with continual improvement and security by design. To summarize, executives can position themselves to offer greater business value by:
 
  • Driving a corporate culture change in which security is everyone’s responsibility
  • Building relationships with every department to overcome organization silos
  • Moving away from the department of “no” to becoming innovation leaders
  • Leading business change with enterprise digital transformation strategic planning

To help make life easier for today’s connected executives, we developed SafeGuard Cyber to empower organizations to use social media, mobile chat, and digital channels securely, compliantly, and at the scale of global business. With coverage across 50+ channels, such as Facebook, LinkedIn, WhatsApp, Slack, and Office 365, our clients unlock new markets and reach new customers, all while securing customer interactions and company data. It’s no longer a matter of saying ‘no’ to new digital and cloud technologies. It’s about asking ‘how’ an enterprise can embrace new technologies without fear.

Sources

Secure Human Connections

Ready to see how SafeGuard Cyber secures modern communication apps wherever they exist?