Page 56 - Cyber Defense eMagazine September 2023
P. 56
Multi-faceted strategy needed to secure integrated platforms.
Securing an integrated collaboration platform requires a robust and collaborative strategy. Several
different methodologies must be enabled to effectively mitigate risks and vulnerabilities that involve
platforms or other communications or business tools.
To be most effective, this strategy needs buy-in throughout the organization. Security is not only the
concern of the CISO and other IT security teams.
Here are several ways to create a secure collaboration platform that can function optimally for your
organization:
1. Start with software applications that are secure by design. As per recent CISA guidance, “secure
by design, secure by default” refers to software that has security built in from the ground up.
Secure by design means that security is an integral part in and throughout all stages of design
and software engineering. Security isn’t bolted onto the software as an afterthought.
2. Adopt a culture of security in the organization. When an organization adopts a culture of security,
it needs to start with leadership. With cybersecurity infrastructure on its way, teams, executives
and systems all need to be prepared. All stakeholders from the C-suite to all employees and end
users must be involved in the cybersecurity process. The organization must also ensure that
employees are educated in practices for cyber hygiene, including Zero Trust, password rules, and
accessing only secure networks, endpoints and devices.
3. Ensure that teams have the tools they need. The organization is responsible for making sure
employees have the advanced tools, apps, and platforms required to do their jobs effectively.
Tools need to be convenient, effective and easy to use. When employees become frustrated
because they don’t have access to business and collaboration tools, they resort to downloading
and using shadow apps that can introduce vulnerabilities and risks. It’s critical for organizations
to make sure business tools – including AI tools – are verified and secured at all times to protect
data, privacy.
4. Enable all software security tools. It’s critical to verify that all collaboration software tools have
every advanced security and authorization tool enabled. This includes requiring multi-factor
authentication, monitoring and limiting access, and using the most advanced encryption protocols
available.
5. Establish API security practices. Some primary API security practices include defining API
protocols and maintaining a current API inventory with comprehensive documentation. Other
secure API practices include requiring multi-factor authentication, using security keys and
certificates, and applying Zero Trust methodology. Partnering with API security software is
another effective strategy.
6. Look for collaboration solutions that give you control over the privacy and security aspects of your
data and how it is retained. Implementations that allow you to control where modules are
deployed (private cloud/hybrid) and how and where those solutions store your data, shared
content and collaboration recordings is critical.
Establishing and implementing a comprehensive platform security strategy also requires collaboration
and cooperation among business units, IT teams and security teams. Platform, application and API
security is an essential part of ensuring an organization’s entire tech stack is secure and optima
Cyber Defense eMagazine – September 2023 Edition 56
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.