Collaboration tools from a security perspective

A shared work environment can facilitate malware distribution. We have just the means to stop it.

For many companies, the mass transition of staff to remote working created a need for new tools. Years of fine-tuning employee interaction mechanisms went down the drain overnight as IT departments scrambled to deploy market-ready collaboration solutions. These solutions aroused no less interest among cybercriminals, who smelled an opportunity to gain remote access to companies’ information systems and spread malware through corporate networks.

New threat landscape

The problem with collaboration solutions is that at any moment they can be turned into vehicles for spreading infection across the corporate network. Just one negligent employee (who uses an obvious password, logs in from a compromised machine, opens a malicious attachment, etc.) can expose the working environment to attack, whether that employee logs in from an office cubicle or a home office.

The surge of interest in platforms of this kind led to a market glut of crude programs that were more focused on convenience than security. Collaboration tool security popped up in the news every now and again throughout spring and summer 2020. As a result, when the tide of confusion receded, companies that had factored in protective technologies in advance got marketing advantages.

How to protect your collaboration platform

When choosing a secure collaboration system, customers generally consider several aspects: encryption type, availability of multifactor authentication, the data storage server’s physical location, and data protection methods. We can assist with the latter in the form of Kaspersky Scan Engine, one of our solutions for corporate clients and technology partners.

It readily integrates with any software product, scanning the files that flow through the collaboration environment for malware.

Nextcloud protection

Nextcloud, which is pretty clued-in about user security, enables Kaspersky Scan Engine for use as a file antivirus in its collaboration platform. Nextcloud is deployed in a private cloud on the client side, and it supports the connection of various types of user devices. In other words, in the shared working environment, files may be loaded from totally different operating systems. In theory, that flexibility increases the risk of threat propagation: first, because security solutions for different platforms can provide varying levels of protection; second, because users of some types of systems (such as Linux) tend not to use antivirus solutions at all.

To prevent an end user from inadvertently (or deliberately) compromising the corporate collaboration environment by downloading and distributing a malicious file, the platform creators developed a security app that our scanning engine can connect to. To use it, corporate clients need to get the Kaspersky Scan Engine, install the Nextcloud Antivirus app, and configure it to work with our solution. That done, the app scans every file uploaded to the server for malicious code, detecting ransomware, cryptominers, spyware, and other dangerous objects. The engine receives real-time information about the latest threats through Kaspersky Security Network and can repel an attack within minutes of our technologies learning of the threat.

To install Nextcloud Antivirus and connect our engine to it, learn more on the Kaspersky Scan Engine page.