Check Point Email Security | Blog

Why Slack and Microsoft Teams Are Not as Secure as You Think

Written by Jeremy Fuchs | April 28, 2020

Highlights

Avanan protects Slack and Microsoft Teams with one click.

  • Despite many users thinking otherwise, Slack and Microsoft Teams have no inherent security protections against phishing, malware and data leakage
  • Neither scans for nor blocks malicious links or malware
  • Data leakage protections are minimal, and sensitive company information can easily flow to other departments or outside organizations
  • Impersonation attacks are easy to implement and difficult to identify
  • Companies are at increased risk for east-west internal attacks
  • Lack of visibility into activity, as well as lack of integration with SIEM and compliance tools, makes it difficult to see malicious behavior
  • Third-party app integrations broaden the attack surface
  • Avanan is hosting a webinar to extensively cover Slack and Teams and what to do to keep them secure: Thursday, June 11, 2:00 PM ET

Easy to Communicate. Easy to Be Hacked.

As you continue to transition to remote work due to the COVID-19 crisis, it is likely that you are spending more and more of your time communicating with coworkers across a variety of channels.

Besides email, you're also using Slack or Microsoft Teams, chatting with coworkers, sharing files, even enjoying a funny GIF or two. Even before the outbreak, a large portion of internal communications and file sharing lived within Slack or Teams.

While these platforms may help speed communication, neither Slack nor Teams provides any default security protections. That means that everything you share—files, company data and information—is ripe for hackers.

And because these are collaborative mediums, both external actors and third-party apps may have access to your channel, your information and your employees.

You must take active steps to secure your messaging and collaboration platforms from the following risks.

Avanan has protection for Slack Security available now and will be releasing protection for Microsoft Teams soon.

Risk 1: Data Leakage

Companies share everything on Slack and Teams: files, budgetary spreadsheets, company announcements, sensitive documents. 

But that share-ability can lead to the following bad outcomes:

  • One-click forwarding of sensitive information outside the organization, either by mistake or deliberately
  • External members, who can easily join a company's channel, are free to access an entire repository of information

Any data or information shared on Slack or Teams can easily be passed on. This can happen maliciously or by mistake—many users consider Slack and Teams to be internal but forget that external partners might also have joined a channel.

Risk 2: Malware

Neither Slack nor Teams offers protection against malware.

Users can share malicious links or malware without realizing it, and there are no protections against it. And given the general trust employees have in these platforms, anyone in your company could click on a malicious link or download malware.

The only way to protect against malware, then, is to purchase outside protection. Today, Avanan provides one-click protection against malware in Slack and, soon, Teams.

Risk 3: Impersonation

It's fairly easy to join a Slack or Teams channel. Any user, at almost any permission level, can invite others to join, whether inside or outside the company. The approval process is often loose and casually enforced.

With the sudden ramp-up of Slack and Teams usage, unfamiliar users are likely to trust what they see, and permissions are likely to be approved in bulk.

Worse, profiles are the only indicators of identity and can be edited by the end users at any time. None of your employees' anti-phishing training applies.

It is incredibly easy, then, for an imposter to enter active conversations undetected, access sensitive information or introduce malware. Because information is so free-flowing, entire companies can be put at risk by just one impersonator. 

Risk 4: Third-party app integrations

Both Slack and Teams allow third-party add-ons and integrations to boost productivity. Companies can link their Dropbox, G Suite and thousands of other apps to their Slack or Teams accounts.

External apps connected to Slack or Teams bring their own security flaws, and attackers are fond of using tools with weak security but over-reaching access as back doors. Any employee can add any integration without following any protocol or company policy, broadening the attack surface.

Risk 5: Limited visibility into activity; no compliance tools

With Slack and Teams, there's very little by way of reporting tools. It's nearly impossible to know what is being shared within your channels, whether between different departments or even with external partners.

Normally, email compliance tools would address this issue, but none of the email gateways extends its monitoring to internal collaboration tools, and the typical SIEM reporting is a challenge, leaving a blind spot that is only growing larger.

When you use Slack or Teams, you are typically on your own to figure out how to best monitor it for compliance. 

Risk 6: East-West attacks

The first compromised account typically happens by email. Subsequent 'east-west' compromises typically avoid email in order to avoid detection. As companies move internal communication to Slack and Teams, the attackers will follow.

How Avanan Secures Slack and Teams

Avanan is the highest-rated email security platform. But you may not know that Avanan is the only email security solution that can extend that same level of protection to all of your collaboration platforms. Avanan's DLP can identify files and text containing sensitive information, and Avanan protects against malware and malicious links. Every email protection is available for Slack. Soon it will be available for Teams. Stay tuned.
