Use Workplace from Meta to unlock the voice of your employees. Join the webinar to learn how. →

SOLUTIONS

For IT & Collaboration Owners
Deliver safe, secure collaboration while satisfying the needs of stakeholders across the business

For Security
Improve your risk posture with a purpose-built solution for collaboration

For Legal
Scale, orchestrate and streamline your eDiscovery process for employee collaboration
For Compliance
Establish a proactive approach to collaboration compliance and information governance


For Employee Experience
Harness insights from surveys and collaboration data to transform the employee experience

AWR-2023_human-behavior-risk-analysis-report_cover art_small
Download the Resource

The Human Behavior Risk Analysis

Learn More →

Integrations

Connect Aware to the tools you already use to have all your company messaging in one place.

LEARN MORE →
Our Platform

Contextual Intelligence Platform

Aware is a contextual intelligence platform that identifies and reduces risk, strengthens security and compliance, and uncovers real-time business insights from digital conversations at scale.

LEARN MORE → Learn About our AI →
Our Applications
Flashlight

Signal

Protect your data and your people with complete, real-time visibility and centralized control of collaboration.

Learn More →
Chat_Search

Data Management

Take centralized control and make smarter decisions about what to keep and what to purge.

Learn More →
file_lock

Search & Discover

AI-powered universal search purpose-built for collaboration. Find information and surfaces the full story—faster.

Learn More →
Growth

Spotlight

Automatically capture authentic human signals from modern collaboration to support your most valuable asset.

Learn More →
AWR-2022-HBRA-LandingPage-Visual

What's in your data?

Calculate my results →

Company

About Aware

Our leadership, our company

Careers

Explore open roles with our remote-friendly, global team

Partners

Driving customer value, together

Press Releases

Digital workplace news and insights

Customers

How Aware customers streamline operations, reduce risk, and boost productivity

Security

Data security partners & certifications

Contact

Get in touch with us

Aware-BPW-Company-Nav

10 Reasons Why Aware is a Top Place to Work

Learn more →

Resources

Access reports, webinars, checklists and more.

Explore →

Blog

Explore articles devoted to enterprise collaboration, employee engagement, research & more

Explore →
Case Study Promo_2023

How Aware customers streamline operations, reduce risk, and boost productivity

Read More →
Menu

Understanding and Mitigating Risk in Collaboration

by Aware

How to Mitigate Your Threat Exposure in Collaboration Tools Like Slack, Teams, Webex, and Zoom

Covid shutdowns took many IT leaders by surprise. Major enterprises had to roll out new tools and programs to facilitate a shift to remote work on just a few days’ notice. For organizations that typically follow careful roadmaps for implementing new technology, the digital transformation happened at unprecedented speed.

That doesn’t mean collaboration tools were unknown entitles in 2020. Yammer has been around since 2008, Slack since 2013, and Microsoft Teams launched in 2017. Many organizations used collaboration in at least some areas of the business. However, company-wide launch was still a long way off for most.

With remote and hybrid work firmly part of modern corporate life, the digital office represents a new frontier, where limited controls introduce greater freedom—and increased risk. Now organizations are waking up to the need to manage this new dataset, how can IT leaders mitigate the risks posed by collaboration tools without losing their benefits?

What is risk?

Risk is the potential for a negative outcome. Not all risk is bad—if it was, we’d never take any risks at all. But risk avoidance brings with it the danger of closing doors on new opportunities, greater innovation, and better deals. No matter how risk-averse an organization might be, it must have some amount of risk tolerance in order to thrive and grow.

Risk Avoidance vs Risk Mitigation

Risk Avoidance—Completely eliminating risk by refusing any actions with unknown consequences

Risk Mitigation—Reducing likelihood of negative outcomes to acceptable levels to benefit from positives

 

The risk of collaboration tools

The introduction of collaboration tools was itself a risk. Slack and Teams might be popular within your organization now, but their widespread adoption and positive impact on productivity wasn’t always a certainty. Risk-avoidant organizations resisted any use of collaboration tools, while others explored limited, controlled usage to mitigate potential downsides.

That all changed with the pandemic. Without giving employees ways to work together remotely, businesses faced the inevitability of complete closure or rampant use of unapproved, unsanctioned tools. The balance of positive and negative outcomes changed, and most organizations realized that risk avoidance was more likely to be detrimental to the company. Instead, they chose to mitigate the risks of remote work by providing managed, approved tools for employees to use.

For many, that’s where risk mitigation of collaboration ended. What IT leaders didn’t realize was how successful their new tools would be, or what new risks they would bring with them.

Risks in collaboration datasets

Collaboration data is unlike any other. It’s fragmented, informal, and uncontrolled. Conversations flow seamlessly from public channels to private groups and direct messages. In a click, employees can upload files, share restricted information, and invite external collaborators into the workplace environment. And unless you manually adjust retention settings or a user deletes their messages, everything entered into collaboration tools is saved forever.

Aware research shows that:

  • Over 90% of Slack messages are sent in DMs or private channels
  • 1 in 17 messages contains 3+ pieces of sensitive information like PII
  • A 5000-employee workplace will share credit card numbers 271 times a month
AWR-2023_Risk awareness_promo card

Download the full report now

Download My Copy

What have you done to mitigate the potential harm that dataset contains? What could a malicious insider or external threat actor take from your organization if they gained access to that environment? How many instances of confidential, protected, or regulated information have employees uploaded—and could you find and remove them all from the tangled web of data you now hold?

The simple truth is the tools that saved the workplace during the pandemic have introduced a massive amount of unmanaged risk that now threatens to cause unforeseen damage to the enterprise.

What do these risks look like?

Highly regulated industries like healthcare and banking are at the most obvious targets for data exfiltration, and at greatest risk of sanctions for failing to control collaboration data. The fines for regulatory noncompliance can run to hundreds of millions of dollars. Messaging on unmanaged tools cost the financial sector $549 million in August 2023 alone.

Even outside highly regulated sectors, all companies still deal with confidential information on a daily basis. Personal Identifying Information (PII) and Payment Card Industry (PCI) data are just two common examples. If your employees routinely handle customer phone numbers, addresses, or payment information, that data almost certainly exists somewhere in your collaboration messages, and introduces the risk of fines, penalties, and loss of consumer confidence if it ever comes to light. According to IBM, every stolen or leaked customer PII record costs businesses $180, and Aware research shows that 1 in 17 collaboration messages contains 3+ pieces of sensitive information.

helpingTelecomProvider

This telecom provider used Aware to uncover 20k+ credit card numbers in their collaboration tools

Read Their Story

Intellectual property also proliferates across collaboration messages. From teams working together on the latest business innovation to employees sharing insights, customer lists, and industry reports. What damage could that information do if it got into a competitor’s hands? The latest data shows that 12% of employees take IP with them when they leave a workplace, and the rise of collaboration applications that sync data across devices makes this type of exfiltration harder to identify and prevent.

The most innocuous workplace conversations can have negative outcomes for businesses if they become public. Threat actors have known for years that collaboration messages hold a treasure trove of information. And not only passwords, credentials, and code, all of which are commonplace in collaboration. Even idle chatter, office gossip, and interpersonal drama can provide opportunity for hackers and blackmailers if that information would be damaging if it became public.

Aware-UberBreach-OGsocial

Opinion: The Uber breach demonstrates why we built Aware

Read More

The challenge of mitigating risk in collaboration data

Faced with massive risk exposure, organizations must address mitigation as a matter of urgency. The enduring popularity of remote and hybrid work continues to make collaboration tools necessary to the enterprise, and employees are accustomed to using them. Simply revoking the tools is not an option. Instead, IT leaders must focus on imposing controls that mitigate the risks these tools represent.

The controls needed to do this aren’t new. They exist for all other forms of business communications. For example, email servers can block senders and recipients, restrict offensive language and monitor file attachments. From an organizational perspective, controlling collaboration messages is no more restrictive or intrusive than managing any other form of communication.

So what’s the problem? It’s the nature of collaboration tools themselves. They were designed to circumvent the checks and balances of traditional business communications and lack the functionality to apply those controls even when they prove necessary. And in the limited instances where business controls are available, they’re usually highly granular and/or limited to a single tool.

Given that over 90% of business use two or more collaboration tools, complete oversight of the total collaboration ecosystem quickly becomes complex to institute and expensive to maintain.

The benefits of collaboration are only worthwhile if you can mitigate the risks

The Aware AI data platform gives leaders the visibility they need to streamline governance and compliance, secure valuable business data, and address risk within the enterprise. Aware solves for top concerns across all major collaboration tools, unifying control of the entire ecosystem into a single, intuitive platform.

Aware for IT & App Owners

Aware for Compliance Teams

Aware for Security Teams

Aware for Legal Teams

 

Purpose-built for the nuances of collaboration, Aware connects effortlessly to your existing tools through APIs and webhooks with no additional IT lift needed—and no impact on the end user.

Control collaboration risk with automated compliance monitoring using best-in-class natural language processing and sentiment analysis. Detect, flag, and tombstone unauthorized information sharing in real time, and automatically coach employees on acceptable use policies.

Take control of your collaboration dataset with Aware and discover how your organization can enjoy its benefits while mitigating risk.

Aware demo request
Topics:Enterprise CollaborationInsider Risk

Subscribe to Updates

AW_Logo-White
Platform
Integrations
Resources
Company
Legal
Do Not Sell My Information

455 S. Ludlow Street,
Columbus, OH 43215
2023 Inc._Best Workplaces - Standard Logo Reverse
Copyright © 2024 Nullable, Inc. All Rights Reserved.