Casual collaboration comms pose security risk, survey shows

One-third of nearly 800 UK employees polled admit sending customer information using Collaboration tools, a survey investigating the growth of collaboration tools in the workplace has revealed.

A quarter of respondents admitted sharing personnel information such as HR and pay details, and 21% said they had used collaboration tools to send company financial information, according to an independent study commissioned by secure team collaboration platform provider Symphony Communication Services.

The study shows that the UK workforce is increasingly putting its trust in such platforms to conduct business. Employees are using them to send personal information, with 94% saying they are confident that the information shared via these platforms is safe from external eyes, despite 24% admitting they were not even aware of their employer’s own IT security guidelines.

The study report noted that with many of these applications not protected with end-to-end encryption, and employees admitting to using them for sensitive data, the survey findings highlight a worrying gap in security knowledge.

“The way we work is changing,” said Jonathan Christensen, chief experience officer at Symphony. “Collaboration platforms and other innovations bring positive improvements that enable more flexibility and better work-life balance. But a more casual approach to workplace communications, and digital habits in general, presents major security risks.

“Employees won’t keep secure practices on their own, and employers must consider how they will secure workforce communication over messaging and collaboration tools, just like they did with email.”

The research also uncovered other trends that put employers at risk, including the fact that 51% of respondents are using collaboration platforms to discuss social plans, 44% are sharing memes and photos, and 18% admitted using them to ask a co-worker out on a date.

This ease of communication poses a danger of creating a casual attitude to workplace communications, said the study report, because 29% admitted talking badly about a client or customer, 19% had shared a password, and 15% had even shared credit card details over these platforms despite the fact that if this information fell into the wrong hands, it would cost the employer financially and in reputational damage.

“The flow of conversation in collaboration apps can be powerful for building team cohesion and productivity, but managers have to ensure that the ability to have casual conversations does not lead to the casual handling of sensitive information,” said Christensen.

“Having the ability to securely deploy appropriate monitoring and surveillance tools to ensure that data leaks are prevented, as has been done with email and telephone systems, is critical, particularly for regulated environments.”

As well as collaboration tools being identified as a means to improve productivity, 79% of respondents think they make it easier to work remotely. But this also presents security challenges, the report said, with 39% admitting to accessing these tools from their personal computer and 49% using their personal phone, compared with 40% who use a work-issued phone, and 10% admitting to using a publicly available computer.

“Having access to messages and the relevant documents in them, from any device, is a powerful tool for ensuring work can flow,” said Christensen. “But it is critical, when enabling access from untrusted devices, that the business’ security, compliance and data policies can still be enforced.

“The lines between personal and professional life are increasingly blurred. While this brings improvements in productivity and work-life balance, it also poses more security challenges and a greater risk for employers.”