
Security Risks in Remote Team Productivity Apps

What are the Security Risks of Remote Productivity Apps?

Due to the rise in remote working, more of us than ever are using productivity applications to facilitate meetings, to collaborate, and to share files and information. While productivity apps such as Slack and Teams have robust security features, there are still many potential vulnerabilities that could be exploited if end users are not proactive about following security protocols, such as using secure Wi-Fi. The following have been identified as potential vulnerabilities and attacks in remote team productivity applications¹:

Automated account takeovers (ATOs). A vulnerability in Slack was found to have the potential for an attack that would force open redirects, leading users to a rogue client outfitted with Slack domain cookies. In this type of attack, the cyberattacker could gather session cookies that could be used to perform an account takeover. After ascertaining login and password authenticity, the cyberattackers could gain access to sensitive data. These attacks can also be automated, with bots used to take over as many accounts as possible.

Third-party apps. Many approved third-party apps can read chats, and those chats can contain sensitive data that could be breached.

Malware and phishing attacks. Messaging elements are often used to trick users into clicking on malicious attachments and links. Stolen login credentials or credential-stuffing attacks are used to access sensitive data in messages and chatrooms. The acquired credentials and/or sensitive data can then be used to further breaches by allowing cyberattackers to impersonate employees and to send out more malicious attachments or links.

Direct-message vulnerabilities. Employees using direct messaging features on productivity apps under employer subscriptions should be aware that their messages may be accessible by executives, HR, and senior-level staff.

Private data retention. Productivity apps for remote teams each have their own procedures and policies for data retention. On Slack, only a user with a paid membership has the ability to access messages beyond the 10k message limit, so those who do not have paid memberships cannot delete or edit those old messages. The messages are still retained on Slack servers, where they remain available to any other party, such as hackers, cyberattackers, or law enforcement, who can gain access to them.

Add-on threats. There are countless add-ons for productivity apps that serve to enhance the user experience by streamlining processes or boosting efficiency. Installing a malicious add-on can open an account up to cybersecurity threats.

Guest users. Malicious guests can gain access to documents and resources in channels, chats, and applications, leaving an account open to cybersecurity threats.

Access from unmanaged devices. Users in a Teams channel can connect from any device. If a user with an unmanaged device becomes a victim of a cyberattack, data downloaded from Teams to that device could be compromised².

Screen sharing and displaying confidential data. When screen sharing, a user could inadvertently show sensitive messages or data on the presenter view, compromising the sensitive data.
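
The open-redirect step in the account takeover item above depends on an application forwarding the user to whatever address a link supplies. The following is an added example, not code from this article or from Slack, of an allowlist check for such a redirect parameter; the origin, host names, and function name are assumptions made for illustration.

```javascript
// Added example: allowlist check for a post-login "redirect" parameter.
// APP_ORIGIN and ALLOWED_HOSTS are constructed values, not from a real product.
const APP_ORIGIN = "https://chat.example.com";
const ALLOWED_HOSTS = new Set(["chat.example.com", "files.example.com"]);
const FALLBACK = APP_ORIGIN + "/";

function safeRedirectTarget(raw) {
  if (typeof raw !== "string" || raw.length === 0 || raw.length > 2048) return FALLBACK;
  // URL parsers silently drop tab/CR/LF, which lets "/\t/host" turn into "//host".
  if (/[\u0000-\u001f\u007f]/.test(raw)) return FALLBACK;
  let url;
  try {
    // Resolve the value the way a browser would, so "//host" and "/\host"
    // are judged by where they really lead, not by how they look.
    url = new URL(raw, APP_ORIGIN);
  } catch {
    return FALLBACK;
  }
  if (url.protocol !== "https:") return FALLBACK;        // rejects javascript:, data:, http:
  if (url.username || url.password) return FALLBACK;     // https://chat.example.com@other.test
  if (url.port !== "") return FALLBACK;                  // default HTTPS port only
  if (!ALLOWED_HOSTS.has(url.hostname)) return FALLBACK; // exact match, never a suffix test
  return url.href;
}

// Constructed sample inputs: two legitimate targets, then common bypass shapes.
const SAMPLES = [
  "/channels/general",
  "https://files.example.com/doc/42?x=1",
  "//evil.test/login",
  "/\\evil.test/login",
  "https://chat.example.com@evil.test/",
  "https://chat.example.com.evil.test/",
  "javascript:alert(1)",
];

for (const s of SAMPLES) {
  const out = safeRedirectTarget(s);
  console.log(JSON.stringify(s), "->", out === FALLBACK ? "rejected (fallback)" : out);
}
```

Every rejected value is replaced with the application's own landing page rather than an error, so a crafted link cannot hand a signed-in session to a rogue client.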

1 Polymer, 2020, “Data Leak Risks in Using Slack by Remote Teams”

2 Odusanya, 2021, “Top 8 Microsoft Teams security issues”