Digital transformation has driven the adoption of collaboration platforms at a massive scale that enterprises, and security teams, specifically CISOs, have never witnessed before. With the continuously evolving features of collaboration platforms, CISOs must develop strategies that will enable them to adapt this fast-paced environment while also positively contributing to the overall success of the enterprise.
Collaboration platforms have emerged as a savior for enterprises looking to drive effective communication and collaboration with their partners and various departments. But, the constantly evolving features of these collaboration platforms, along with their rapid deployment, have created a new set of problems for IT, security and compliance teams. As enterprises continue to embrace hybrid work models to sustain their business operations, CISOs and compliance teams shouldn’t overlook many different areas related to collaboration security.
Let’s look at the three critical areas that CISOs should immediately address to avoid the risk of sensitive information ending up in the wrong hands:
- Usability vs. security
CISOs who want to strike a balance between security with usability need to have a tough conversation with their counterparts. Regardless of where the enterprise falls on the security and usability scale, CISO should be proactive and involve themselves in business decisions related to governance and security. By involving themselves early in evaluating risk prevention and collaboration needs, CISOs can present an effective business strategy to their stakeholders.
Even though successful CISOs can seamlessly navigate both the security and usability needs of enterprises, they shouldn’t be afraid to seek outside help. By consulting with an external security team, CISOs can gain a better perspective and understanding of their enterprise infrastructure, and will be able to leverage real-world best practices to strengthen the security of the enterprise.
- Improperly implementing guest access policies
To keep their business operational in the first half of 2020, a large number of enterprises were rushing to implement new UC and collaboration platforms. But in doing so, many neglected the additional levels of security, such as guest access policies, which resulted in a large number of enterprises falling victim to hacking or a breach. Additionally, CISOs are still struggling to strike a balance between guest access policies and ease of use. As a result, employees are turning to shadow IT, which poses a significant threat to the enterprise infrastructure. Hence, CISOs should establish guest access policies that are flexible and secure while appealing to the needs of both internal and external stakeholders.
- Not implementing consistent naming conventions
In the early months of 2020, most enterprises refrained from formalizing cross-functional naming conventions across platforms and teams. Enterprises that fail to implement a consistent naming convention not only risk losing valuable documents but build slower, more complicated workflows for their employees.
Therefore, CISOs should create consistent naming conventions across platforms while prioritizing discoverability. They should collaborate with their counterparts as well as mid and senior management to determine conventions commonly used, and initiate a strategy to encourage enterprise-wide compliance.
As collaboration tools continue to evolve, the risk associated with them is only set to increase. Instead of leaving no choice for the workforce but to seek out less secure tools, CISOs should establish critical security and governance control while striving to provide greater flexibility with the collaboration platforms.