Prevent data loss in cloud communication

Collaboration tools are any apps used by groups to communicate, usually in a work or school environment. Some of the most popular collaboration tools include Slack, Microsoft Teams, Webex by Cisco, Zoom Team Chat, Google Drive, Workplace from Meta and more. Within these tools, two or more people can chat, talk, share files and links, and often communicate in fast, fun ways using gifs and emojis to illustrate and react to messages. 

Employees rely on company-provided collaboration tools like Slack, Teams and Zoom to help them do their jobs quickly and effectively. Because the tools are sanctioned by the workplace, it’s fair to assume they are safe repositories for all work-related conversations. However, information security and legal leaders know that is not the case. Collaboration tool datasets are stored indefinitely by default, and their complex architecture of public, private and group conversations makes it almost impossible to see all the sensitive information they hold. Aware research shows that just 5000 employees will generate over 30 million collaboration messages each year, and approximately 1:166 of them will contain confidential or protected information or toxic and harassing statements. It only takes one of those messages to become public to cost the company millions in lost market cap, fines and penalties and lawsuits. Companies must proactively manage their collaboration tool data to mitigate the many risks it contains. 

HIPAA, or the Health Insurance Portability and Accountability Act, is a federal law that regulates protected health information (PHI). All medical providers must comply with HIPAA regulations regarding the confidentiality, security and privacy of PHI by implementing policies and procedures to safeguard that information. 

The securities industry is governed by FINRA, the Financial Industry Regulatory Authority. The Authority sets rules regarding record keeping and personnel supervision which financial institutions must follow. They must also report all violations or suspicious activity immediately. Failure to comply with FINRA can lead to fines, penalties, and even expulsion from the industry. 

Out of the box, collaboration tools like Slack, Teams and Zoom are not HIPAA or FINRA compliant. However, all major collaboration tools can be used in ways that do comply with HIPAA, FINRA, and other industry regulations. To ensure compliance, companies must institute the right guardrails and procedures about what information is and is not acceptable to share within collaboration tools. They must also introduce a solution like Aware that can proactively detect noncompliance within collaboration messages and automatically take action to flag or remove the content in real time. 

Aware ingests collaboration tool data in near real time and automatically runs messages through Artificial Intelligence and Machine Learning (AI/ML) infused workflows designed to detect sensitive and noncompliant data-sharing. Aware provides customizable workflows for major compliance regulations such as HIPAA and FINRA, and organizations can create their own workflows for their unique confidential and proprietary data. 

Aware uses regular expressions (regex) and Boolean logic to search for the most commonly shared confidential or sensitive data. Examples include: 

• Payment card industry (PCI) information such as credit card numbers, CVV codes, and bank account details 
• Protected health information (PHI) like diagnoses, medications, and medical appointment dates 
• Personally identifiable information (PII) information including date of birth, SSN, telephone numbers and addresses 

Aware also enables infosec leaders to protect proprietary and sensitive information specific to the enterprise with customizable workflows that can search for any term or phrase. This enables information security controls over details such as mergers and acquisitions, intellectual property (IP), and other confidential business data. 

Collaboration tool datasets are unlike any other. They are non-linear, fragmented, filled with shortform messages, acronyms and slang. They also include non-standard features such as emojis, images, and gifs, which courts and regulators have already ruled can have defined meaning within these datasets. Modern companies are conducting business with a 👍 or 👎, and legacy data loss protection tools cannot parse these characters or often miss their nuances. Many traditional DLP tools also batch ingest content, which fails to capture a complete record of revisions and deletions and can leave companies exposed. 

Aware was purpose-built for collaboration datasets, and captures a complete record of all messages, including revisions and deletions, in real time. The Aware platform further infuses collaboration messages with AI/ML-informed metadata that brings context to the chaos. 

Artificial Intelligence and Machine Learning (AI/ML) infused workflows are an essential component of Aware’s collaboration intelligence platform. These workflows automate the complex work of searching for, identifying, and flagging potentially sensitive, confidential, or proprietary data. With legacy data loss protection tools, infosec leaders may have to manually search through millions of messages and still not have a complete picture of all the potential risks living within collaboration tool data. AI/ML-infused workflows that run in real time give businesses proactive oversight of their collaboration data, enabling more advanced DLP strategies. 

Data loss protection encompasses many different strategies for managing how data moves throughout the organization. The goal of DLP is to secure sensitive data and protect it from being accessed or exfiltrated by unauthorized parties. While studies show that many data loss incidents and breaches are the result of employee error, insider threats remain the most costly and dangerous to modern businesses. Sentiment scoring normalized for the enterprise can help information security leaders to proactively identify where the risk of insider threat is highest by surfacing increased levels of toxicity. 

Aware was built for the complexities and nuances of collaboration tool data. By ingesting data in real time and infusing collaboration messages with contextual insights and analysis, Aware enables multiple use cases across the entire enterprise. Aware supports all major collaboration tools, including Slack, Microsoft Teams, Webex by Cisco, Zoom Team Chat, Google Drive, Workplace from Meta and more. Some of Aware’s capabilities within collaboration include: insider risk detection, forensics and investigations, compliance adherence, eDiscovery, employee experience, toxic hot spot detection, information governance, business feedback loops and key initiative tracking.