It’s no longer an anomaly for the majority of a modern company’s workforce to have the freedom to work from anywhere. Employees are commonly dispersed and often hybrid, working some days at the office and others at home. One constant for today’s employees and the way they work are the platforms they use to collaborate. Tools such as Zoom, Microsoft Teams and Slack are now indispensable, as are the social media platforms that introduce employees to a network of coworkers and clients.
The downside of these trends is an increased risk of insider threats. It’s now easier than ever to share confidential information, both unintentionally and maliciously.
How can organizations manage the risk of these necessary tools for digital community-building and collaboration? Here are five areas that you can monitor to mitigate the insider threat risks of a hybrid workforce effectively and proactively:
1. Data loss
Collaboration platforms, like Microsoft Teams and Slack, enable employees to collaborate with each other, clients and third-party vendors easily. But they also present new vulnerabilities when it comes to data loss. Whether unintentionally or purposefully, users of these platforms could expose data in ways that put the company at risk.
Consider, for example, the massive breach experienced by video game publisher Electronic Arts (EA). Using stolen cookies from an underground marketplace, attackers infiltrated a Slack channel at EA, posing as an employee needing tech support. The attackers created a plausible backstory to persuade an IT administrator to give them a multifactor authentication (MFA) token, then compromised a development service to download more than 780 Gb of source code.
But malicious actors aren’t always responsible for data loss. Sometimes, negligent insiders are in the driver’s seat. For example, a mistake in trying to exempt a single user’s account at KPMG caused the accounting firm to lose chat records of more than 145,000 Microsoft Teams users.
Regardless of the reasons behind data loss, the impact of these incidents is significant: the average cost of a data breach is $4.24 million.
Digital collaboration tools are essential to the hybrid workforce, but improper management can leave your organization vulnerable. Malicious attackers can target your organization’s weak points to gain access to private information; after all, negligent insiders are responsible for 62% of insider threat incidents.
2. HR policy violations
Social media and chat platforms that colleagues use to connect can also have a dark side. Despite the best human resources (HR) policies, these environments can be hard to moderate, especially since employees can forget these online platforms are still professional atmospheres. It’s therefore not uncommon for inappropriate or illegal conduct to occur.
In the case of Steph Korey, CEO and co-founder of luggage startup Away, “Slack bullying” became a significant issue. The incident dealt a reputational blow to the fast-growing company.
This example not only illustrates that HR departments need to be fluid enough to adjust to the changing demands of a hybrid workforce, but they also face the challenge of enforcing their policies by policing digital channels.
Negative company culture can stoke the flames of betrayal, leading disgruntled employees to act nefariously. Unfortunately, as digital communication tools become commonplace, HR departments are challenged in monitoring each channel and ensuring well-meaning policies are upheld. Without consistent enforcement, workplace bullying, or even illegal activities, can take place online, putting employee well-being—and the company—at risk.
3. Social media missteps leading to reputation damage
While social media can help many companies find loyal fans, one wrong move can be disastrous for the business. Mistakes can come in many forms. An employee could unwittingly expose protected information in a seemingly innocent post, for example, or they could demonstrate poor customer service by responding inappropriately to a customer’s complaint online.
Social media isn’t just for marketing teams anymore; technical support and even some services are now offered exclusively through social media. And it’s all too easy for employees with limited compliance expertise or customer support training to post the wrong thing on social media. Reversing course isn’t always as simple as deleting the post, either. After all, the internet has a long memory, and there can be real-world consequences for social media blunders.
Consider the example that major credit bureau Equifax set in the wake of a large-scale data breach that affected more than 147 million customers. Tweets sent from the company’s official Twitter account directed concerned customers to what turned out to be a fake website, creating even greater reputational damage for the business.
Social media can also be used to lure sophisticated cybersecurity professionals into clicking the wrong link. A recent social engineering campaign launched by a North Korean-sponsored threat group targeted cybersecurity leaders through blog articles, YouTube videos and social media platforms. When unsuspecting targets clicked certain blog links or collaborated on projects with DPRK attackers, this opened the door for hackers to exploit their vulnerabilities.
Social media can easily be engineered to convince customers and even the most discerning employees to click risky links or download malware unsuspectingly. Blunders can result in reputational damage and data loss that can be challenging to recover from, especially as customers have heightened expectations about security.
4. Insider fraud
Many organizations don’t monitor their collaboration platforms actively. As a result, many employees think of chat platforms as safe places to share proprietary information or customer data.
Goldman Sachs learned this lesson the hard way in 2018 when the financial services company agreed to pay a $110 million fine for foreign exchange trading fraud that occurred when employees discussed upcoming customer trades in a chat room. Similar instances of digital insider trading have occurred on social media or through messaging apps, including WhatsApp.
Financial crime can be committed using social media or collaboration tools, especially since it’s particularly challenging to detect this activity due to data privacy rules. The ramifications can be significant; such acts make companies vulnerable to major financial losses or criminal charges.
With more conversations taking place online instead of around the watercooler, instances of employee fraud are often highly documented. However, if organizations aren’t monitoring their chat channels, they could discover evidence of fraud or improper handling of customer data when it’s already too late. A proactive approach to preventing insider fraud involves monitoring collaboration tools for warning signs and acting to stop fraud before it occurs.
5. Legal issues
Employees communicate easily among themselves and with the public through an ever-increasing number of digital channels, an area that often lacks compliance with the increasing number of industry rules and regulations. When employees publish information that catches the attention of regulators, the resulting legal consequences can be overwhelming.
Online work conversations previously occurred exclusively over email, but chat is increasingly the digital channel of choice. Employees need to consistently apply policies that align to mandates, such as the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act (SOX), even over chat. Organizations that don’t monitor and save chat content can have difficulty ensuring compliance.
Netflix famously ran afoul of Securities and Exchange Commission (SEC) regulators in this way when CEO Reed Hastings revealed viewership data on his personal Facebook page. This violated due process since investors must be informed beforehand of where (and when) companies will make financial disclosures.
Digital communication tools might feel personal, but professional standards must be upheld across all communications. Employees and companies could face legal consequences for disclosing secure information through inappropriate channels. To avoid costly legal proceedings and fines, companies must be diligent about maintaining compliance with legislation across all communication channels.
How to increase your organization’s security and compliance
The good news is that despite the risks associated with social media platforms and collaboration tools, it is possible for organizations to mitigate the risks effectively. To do so, companies must focus on building a people-centric approach to compliance and security.
To get started, organizations should implement the following four steps:
- Capture business communications. Remain compliant and be litigation-ready by capturing data, regardless of the device type, location or platform used.
- Supervise business communications. Monitor all relevant tools and social media platforms in real time to detect compliance or policy violations that occur within corporate accounts and employees’ personal accounts.
- Prevent and respond to misconduct early. Choose a data loss prevention (DLP) solution that is data-, behavior- and threat-aware. Make sure the solution can intelligently prevent and accelerate your response to risky insider behavior and data movement.
- Exercise good governance. Protect users, accounts and data from advanced threats, whether they’re in the cloud, in the data center or on an employee-owned device.
For an in-depth look at implementing these solutions, check out the e-book, Open Channels, Hidden Threats, from Proofpoint. It includes helpful strategies for compliance officers, corporate counsel and security teams.
Subscribe to the Proofpoint Blog