Depending on your organization’s priorities, you will have been changing the way that the networks are configured and protected over the last couple of years. Most IT teams will have been working overtime, rushing to provide the facilities that the company needed, trying to balance practicality and security, with the end goal always in mind of making sure that the business can keep functioning.
You might have had to beef up and harden the RDC facility or quickly found ways to accelerate VPN gateways. At Tech HQ, we’ve seen a huge spike in interest for remote endpoint management (and security for distributed networks in general) over the last eighteen months. The fact that people and their workloads are beginning to move back inside network perimeters doesn’t really alleviate much of the IT function’s workload — in most cases, organizations are sticking with some degree of remote work.
It’s been down to applications like Microsoft Teams, Office, SharePoint, and various combinations of Google Docs, DropBox, and so forth that the wheels of commerce have managed to continue turning. Securing a company’s networks, applications, and users’ endpoints has always been a task that is achieved by means of many tools — despite some vendors’ protestations, there is no one single umbrella of protection that can be raised over a business that will give 100% protection from cyberthreats.
But it is worth noting that as well as some changes to work practices (remote, WFH) are now permanent, so too is the line-up of the “standard” suite of applications in daily use by 99% of employees. Applications like Slack, Zoom, WebEx, Teams, and even WhatsApp (or Signal) are now part of the landscape and are here to stay. As ever was, it’s incumbent on IT departments to enable and protect whatever is used to get a day’s work done across the organization.
In an earlier article, we looked at the specialist security required for a secure and reliable implementation of Microsoft Office 365[ed. please add link to Avanan’s first piece], especially in widely distributed environments. As O365 users, many will have turned to Teams for collaboration, voice & video chats, and drag-and-drop file sharing with colleagues. Its integration with the rest of the Office platform (calendars, Active Directory, contextual document previews, and so on) made it the obvious choice over other options. Having no extra licensing costs for the majority of facilities was a bonus, too, of course!
Unfortunately, unless the organization was using the E5 licensing tier for O365 or had added Microsoft Defender for Office 365 to the basic plans, Teams runs unsecured by any Microsoft-powered protections. (It’s arguable that Exchange plus its out-of-the-box EOP layer is insufficient in a CISO’s ideal world.)
Here’s where Avanan can help out. It provides better and more configurable, granular protection for Teams at a lower cost than the standard Redmond issue. As companies become more familiar with Teams and it becomes part of most employees’ muscle memory, it’s increasingly important to close off this known attack vector. In the same way that Excel and Word macros became popular choices for hackers, Teams is close behind in being the focus of cybercriminals’ attention.
There have been a good few patches applied by Microsoft onto Teams that came from pull requests from Avanan. As the specialist Office security provider, it’s the company’s sole focus. And as part of its research and ongoing work, it’s become apparent that the Teams platform is being leveraged as part of phishing campaigns (data gathering exercises), used to send payloads directly, and as an attractive attack surface that can be the conduit for more wide-spreading attacks.
To enable Teams-specific protection, the administrator simply creates security policies as required. To begin, there is a choice between DLP (data loss prevention – typically instigated by staff or compromised entities inside the organization) or malware. Options then are for active file scanning on all data movements via teams, with an option to tombstone suspect files.
As part of SecOps’ daily routines, Avanan Teams dashboard presents statistics on all aspects of protection, including the number of scanned messages and files, potential flags, and known bad apples:
Source: Avanan
As you’d expect, the Avanan platform works in concord with the rest of the Microsoft stack, so it is a seamless and (for the operator) simple addition to help protect staff, files, and the wider organization from a data breach. Other security measures which are just as vital to the continued running of the business may not be so easy to configure and oversee — building out new VPN capabilities between branch offices, for instance, is no one’s idea of a fun task. But to protect teams as they collaborate, communicate and share inside and outside the business, Avanan’s management of Teams is surely a no-brainer.
To learn more about protecting your central work suite in Office 365 and the specific uses of the Avanan range of solutions, organize a talked-through demo with a representative today.
