“Select collaboration tools carefully to keep data secure” by Tim Holman, writing in Computer Weekly
How can businesses of all sizes ensure that employees are able to collaborate effectively without the risk of compromise to the company IT network or systems?
Secure collaboration between internal and external teams is essential for project success, but using free or cheap tools can lead to security failings.
For example, the popular collaboration tool Slack was hacked in February 2015, when 500,000 email addresses and other personal data were leaked.
I would suggest carefully creating your own secure collaborative system, as long as it matches the user friendliness your team is used to. Your employees will then commit to using the new collaborative tool, rather than preferring to shortcut to low-security alternatives.
Ensure the system easily integrates with your existing IT processes and infrastructure, such as content management systems, mobile device management and digital rights management systems. This safeguards your security controls and guarantees they are consistently applied across all your IT services.
A system that easily integrates with your business software will prevent duplication of time and data. Make sure your system has robust search and analytical capabilities to allow drill-down into your business information, to find a file or a document.
It goes almost without saying that employees have to comply with company policy on the appropriate use and protection of computing devices and networks. As ever, employee communication and training about the security risks involved are also very important aspects of enforcing this policy.
Creating a great secure collaborative platform takes a lot of time and effort, and much can be written about the correct steps to take. It is important to stop your employees from signing up to free or low-cost individual file-sharing accounts, which could mean your company is exposed to significant compliance risks. Otherwise you will not have any visibility or control over the information being accessed and it is impossible to know just how exposed your company is to a data breach.
This article was first published in Computer Weekly on Friday 12th June 2015.