April 13, 2020 Zoom vs Microsoft Teams – Security and Privacy in a COVID-19 world Our POV on the Zoom v Microsoft Teams debate. Introduction In this article we take a look at the Zoom security flaws, some of Microsoft Teams strength and how we can keep video conferencing secure and private while enabling remote work in a post-COVID-19 world. Virtual collaboration platforms such as Zoom and Microsoft Teams are phenomenal sources of unified communications. In the age of remote and mobile work, they enable continuous operability. Ever since the COVID-19 pandemic began, there was an instant demand for everything to be virtual. Corporate clients, government entities, schools, and institutions; all have chosen video conferencing and live streaming to continue operations. However, when hundreds of millions of users are interacting through any platform, the security of data continues to be a concern. The news of bombing a Zoom meeting aka Zoom bombing scandal has been doing the rounds nowadays. Shockingly, it allowed hackers to infiltrate chat rooms with profane content. Moreover, anyone could easily access or see the shared content online through Zoom. This all sums up to show that Zoom is vulnerable to threats and data exposure as well. As per the latest reports, Zoom’s services are now being discarded by many due to its serious security loopholes. Consequently, people are now in a fix asking a question of which platform is right to use? Is Teams the one to bank upon for all communications and safety-related issues? Though Zoom and Teams equally serve their best in creating video-collaboration culture, there are security differences that set them apart. Before we read about Teams security practices, let us first demystify the underlying causes of Zoom’s vulnerability: Zoom Anyone can join a Zoom meeting using a shared link without downloading any software. It is Zoom’s most enchanting feature that triggered its whopping usage worldwide. On the verge of making its services easy to its customers, Zoom enabled browser interface for one-touch meeting joins from standards-based video endpoints. It eventually caused Zoom connector application to create unsecured URLs lacking authentication controls to login to the Zoom cloud. Sadly, it leaves a giant room for unauthorized users to easily control video endpoints from any browser without login credentials. They can manipulate cameras, make calls and invoke device settings without permission. Along with other security issues, Zoom is also found to be using a weaker encryption algorithm to encode audio and video data. Needless to say, the software can be easily tampered by cybercriminals. Microsoft Teams Microsoft Teams is built on Office 365 hyper-scale. The strong cybersecurity and compliance controls create a sturdy groundwork to prevent phishing attempts or ransomware attacks. The two-factor authentication process in Teams protects accounts from identity theft. Also, encrypted user data transmissions using Secure Real-time Transport Protocol (SRTP) prevents potential data leaks. It further ensures risk-free document sharing and data storage in Teams. Teams stores sensitive data in SharePoint, OneDrive for Business, Exchange, Stream, and Groups. To fetch any information from these controlled repositories, one needs eDiscovery rights. With Teams, attendees can be easily managed in meetings keeping the user access transparent. If you want to allow guest users to attend your meetings, you can do it while retaining complete control over your environment. You can even restrict users to share any content. Additionally, Teams integrates advanced AI for automating the detection of bullying, trolling or illicit messages through chat and conversations. All sumps up to provide you an enhanced collaboration experience covering you with safety. Summary As a key player in collaboration, Microsoft Teams pledges to secure user information complying with more than 90 regulatory standards and laws. If you are using Teams for collaboration, you must remain confident that your privacy is Microsoft’s priority and commitment. Coming back to comparing Zoom with Teams, I would suggest using Zoom for having public conversations only. But if you are an organization that doesn’t compromise with security at all, then definitely Teams is a valid choice for you. Stay Safe! Know more about adoption, governance and automation for Microsoft Teams in our articles.
April 08, 2020 Security, Document Tracking and Sharing with AIP The world is witnessing a huge upswing in remote work amid the COVID-19 outbreak. One of the most important aspects in such a scenario is airtight security across an organization’s environment. TeamsHub by Cyclotron secures confidential data and prevents potential data breaches through enhanced governance using Information Rights Management (IRM), document tracking through Azure Information Protection (AIP) and external file sharing. Introduction TeamsHub by Cyclotron is an automated governance platform for Microsoft Teams. It saves IT departments overheads and provides secure operation continuity by integrating the best in class features from Azure and Office365. In this article, we explore the various aspects of security, document tracking, and sharing using AIP, IRM, and others. Microsoft has published an article intended for IT professionals yesterday. It provides important privacy and security aspects for Microsoft Teams. The full article is listed here. One particular section of interest in governance is preventing cybersecurity threats using various tools. Sensitivity labeling, cloud app security, data loss prevention, and advanced threat protection are some of them. Additionally, protecting identity and account access is another section of note in the article. As a matter of fact, TeamsHub by Cyclotron allows many ways to automate governance and protect data using AIP and IRM for security, document tracking, and sharing. This helps with security and compliance for Microsoft Teams. As a result, heavily regulated industries such as Banking, Finance, Insurance, Healthcare, and Lifesciences will find this especially useful. Let us take a look at some of them. Security: Sensitivity Labeling and Guest Access Automated governance features in TeamsHub by Cyclotron particularly provides a rich set of flexible features. Firstly, create a Team as either Private or Public. Information is now accessible to either a select or large section of users because of this setting. Private access allows for team members to collaborate without sharing information. Also, you can mark the Team as confidential or restricted. A public Team’s information is available to everyone. . Furthermore, in addition to Team visibility, guest access can also be configured. Security and Document Sharing: Information Rights Management (IRM) Our governance feature set provides IRM which systematically safeguards sensitive corporate data from possible leaks. Prevent unintended users from seeing, editing, downloading. sharing and printing documents. This depends on the setting of that document and auto-expires access after a specified time. Apply IRM settings directly using TeamsHub by Cyclotron. This is through a team-level tile view. Not to mention that this is a convenient method instead of navigating to a SharePoint Document Library or through the SharePoint Admin Center. Security and Document Tracking: Azure Information Protection (AIP) In any organization, collaboration involves internal and external users such as vendors, contractors, and agencies. Files or documents need to be shared only with the intended audience. Protect sensitive information outside the organization. Using AIP, administrators can automate tasks. Document tracking, setting expiry dates for access or revoking access based on unexpected or unusual behaviors can all be configured. Moreover, protected document access sends a notification using AIP. TeamsHub by Cyclotron allows users to actively monitor document access. Of course, this can be leveraged through a usage report which shows any failed access attempts. Security, Document Sharing and Tracking: External File Sharing Is external file sharing different than adding a guest to the Team? Yes – share selective content with people outside the organization. Moreover, these users are not members of any team. In such scenarios, administrators need to be vigilant of users’ activities. Moreover, administrators must monitor permissions granted on shared content and time limit before expiry. TeamsHub by Cyclotron provides a unified interface to bring up all externally shared files. This is one of the key governance aspects for administrators TeamsHub by Cyclotron provides two types of interfaces. First of all, a unified view of all externally shared files across the tenant. Furthermore, a team-level interface that shows externally shared files by that team. Provide access via a link to the document or to the document itself as below Can Edit – shared for collaboration with read-write access.Can View – read-only access to the document Stop sharing – mistakenly shared documents or suspicious activities detected. Finally, it is imperative more than ever to upgrade to virtual collaboration across geographical boundaries. This helps the organization to operate without any slowdown or worse shut down during emergency situations or crises. Consequently, automating governance and streamlining administration can help in creating a remote workforce very rapidly. TeamsHub by Cyclotron understands these needs and has inbuilt security for collaboration and compliance. This along with simplified governance enables your organization’s productivity to remain unscathed and uncompromised. Other Reading Governance Best Practices for Microsoft TeamsAutomate Top 5 Governance Features in Microsoft Teams
