April 23, 2020

3 Ways to Secure Remote Data in Slack


For organizations facing the new challenge of supporting unprecedented numbers of remote workers, finding tools that enhance communication and productivity is a must. Because it’s already in widespread use, and because it’s versatile and easy to learn, some are turning to Slack for the first time, and others are increasing utilization.

Though it brings several benefits, Slack can also introduce security risks. As is the case with any workplace communication tool that allows file sharing, Slack has the potential to become a source of data leakage if it isn’t carefully managed.

Here are three areas you must consider when implementing Slack across your organization:

1. Communicate frequently with employees and stakeholders

In the early phases of the transition to remote work, it’s essential to communicate with your employees. If your employees are new to Slack, they should be aware that phishing attacks seeking to harvest Slack credentials have long targeted users during the account verification process. To reduce this risk, Slack has introduced two-factor authentication (2FA), and workspace owners and admins can make its use mandatory for all members of their workspace.

Recent research has shown that incoming “webhooks,” which connect third-party apps so that they can be used to post messages to Slack, can be compromised, allowing unauthorized users to send messages to Slack channels. Let employees know that attackers may use this method to try to trick them into installing malicious apps. To combat this threat, workspace owners can also restrict users from installing third-party apps via the whitelisting options built into Slack.

Make sure employees understand the rules concerning file sharing in tools like Slack. They should be clear on what types of files should and should not be shared on the platform. Remind them that protecting sensitive data and keeping confidential information safe is something they should think about throughout their workday.

2. Manage access in ways that meet remote workers’ needs as well as security requirements

Employees often focus on being productive and efficient, and sometimes that means paying less attention to the security aspects of their work. That’s one reason it’s important to provide secure access to tools like Slack. Forcepoint solutions such as secure web gateway, NGFW or DLP can all play a role in Shadow IT reporting (and more) for cloud apps.

Additionally, with a full cloud access security broker (CASB) solution, you can gain granular visibility into employees’ use of non-corporate Slack instances or other unsanctioned workarounds. This type of solution allows you to monitor user activities in real time, enabling the rapid discovery of unsanctioned applications, devices or user accounts within a distributed enterprise environment. It makes it easy to control access to multiple instances of Slack, which might be what employees are turning to for internal or external collaboration.

You can also establish policies that restrict the sharing of sensitive material to the internal instance, and allow only information that’s public or soon-to-become public to be shared on the external one.

3. Consider deploying DLP over the medium term

For many organizations, increasing remote work means increasing the number of enterprise workloads that will run in the cloud. But it’s not just that: for some companies, it could also mean some back-office functions are being accessed remotely for the first time. While this enables new levels of flexibility for employees, it also creates new data management challenges.

If you have not already implemented DLP, the coming weeks may be an opportune time to explore this solution. The most comprehensive and effective data protection solutions do take time and careful planning to put in place. But by pushing DLP to all endpoints accessing corporate IT resources or containing relevant files, you can detect and prevent data exfiltration, slow leakage, or the inappropriate sending or sharing of work-related files.

If your company has deployed a DLP solution, you could use this time to re-examine data policies and potentially to go further. As an example, you could set up file fingerprinting to accurately identify all highly sensitive data, and place controls around the movement of that data. What’s important is that your data security strategy stays ahead of your IT environment’s ever-changing, shifting requirements.
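To make the file fingerprinting idea concrete, here is an added sketch (not Forcepoint's implementation or any product's code) of how hashed word shingles let a policy recognize an excerpt of a registered document pasted into a chat message, which a whole-file hash would miss. The shingle size, threshold, document label and sample texts are assumptions constructed for illustration.

```python
import hashlib
import re

K = 5             # words per shingle (assumed value)
THRESHOLD = 0.5   # share of a message's shingles that must match (assumed)

def shingles(text, k=K):
    """Return the set of hashed k-word shingles of the normalized text."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    # Text shorter than k words yields no shingles and is never flagged.
    return {
        # 64-bit truncated digest: only hashes are stored, not the content.
        hashlib.sha256(" ".join(words[i:i + k]).encode()).hexdigest()[:16]
        for i in range(len(words) - k + 1)
    }

class FingerprintIndex:
    """Maps shingle hashes to the labels of registered sensitive documents."""

    def __init__(self):
        self.index = {}

    def register(self, label, text):
        for h in shingles(text):
            self.index.setdefault(h, set()).add(label)

    def check(self, message, threshold=THRESHOLD):
        """Return {label: containment} for documents the message excerpts."""
        msg = shingles(message)
        hits = {}
        for h in msg:
            for label in self.index.get(h, ()):
                hits[label] = hits.get(label, 0) + 1
        return {label: n / len(msg) for label, n in hits.items()
                if n / len(msg) >= threshold}

# Constructed sample data, not taken from any real document.
SENSITIVE = ("Project Falcon acquisition terms: the purchase price is 42 "
             "million dollars, payable in two tranches, with closing "
             "expected before the end of the third quarter.")
LEAK = "fyi the purchase price is 42 million dollars, payable in two tranches"
BENIGN = "Lunch is at noon today, see you all in the third floor kitchen"

def demo():
    idx = FingerprintIndex()
    idx.register("falcon-terms", SENSITIVE)
    return idx.check(LEAK), idx.check(BENIGN)

if __name__ == "__main__":
    print(demo())
```

The containment score is measured against the message rather than the document, so a short excerpt still scores high even though it covers only a small part of the registered file.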

Though it’s been around for more than five years, Slack is now being called upon to support new ways of working. By establishing the right guidelines and implementing thoughtfully chosen technologies, you can enhance employees’ ability to use Slack in ways that minimize friction and maximize security.

Scale your security strategy to protect people and data wherever work happens—learn more here.  

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.