The growing interest in third-party collaboration apps
The growing trend toward remote work is changing how people communicate in the workplace. Cloud-based collaboration apps and videoconferencing tools are making life easier for employees while helping businesses quickly adapt to this new digital world. But now that potentially sensitive conversations are happening via third-party services, what does that mean for your data privacy?
When Zoom’s popularity exploded as employees shifted to working from home due to COVID-19, bad actors quickly took advantage of the security weaknesses in the videoconferencing platform. Besides resulting in the new term “zoombombing,” these security breaches showed the privacy implications that you need to consider when you use cloud-based services.
But before you even start thinking how to protect against the security vulnerabilities of these tools, you need to understand what kind of privacy the service providers themselves offer for the data they collect from your users.
Here’s a look at some of the privacy agreement terms in three of the most popular collaboration services: Slack, Zoom and Microsoft Teams.
Slack: Privacy controls depend on what you pay
Slack has four tiers: free, standard, plus and enterprise. As is typical with multi-tier platforms, the privacy protections and controls in Slack vary greatly based on which one you use — and only the enterprise level comes with advanced options such as data-loss protection (DLP).
Last year, Microsoft reportedly banned Slack because all three lower service levels did not have adequate controls to protect the company’s intellectual property. While Slack Enterprise Grid does have such protections, the tier is geared toward very large or highly regulated enterprises — and chances are, not many smaller businesses can afford it. The company doesn’t disclose enterprise pricing on its website, but the tier below that, Plus, currently costs $12.50 per (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Rodika Tollefson. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/kok3DX1imsA/