Keep Slack and MS Teams Safe from Malicious Actors
With over 60 million chat users on apps like Slack and Microsoft Teams, usage has surged as the pandemic forced businesses into remote work. These platforms are now critical for business continuity, making it vital for InfoSec teams to understand the security implications.
For an attacker, extracting workspace data, chat messages, or files isn't always the biggest prize. What could be worse? Hackers can gain full workspace access by stealing session cookies stored on a user's device.
Since local device data is exposed to uncontrolled processes in Slack, malware can silently extract information without the user noticing. InfoSec teams must secure workspaces by following these steps:
- 1. Educate users and IT admins on the need to regularly terminate active sessions on all devices. This may or may not require a password, depending on your workspace configuration.
- 2. As with all protected accounts, remind users to change passwords periodically and implement Two-Factor Authentication (2FA). Admins should also review access logs to verify if any unknown devices have connected to the accounts.
- 3. Ensure users are updating their software in a timely and appropriate manner.
Moxy IT
Contact Us
Protege tu entorno de colaboración. EscrÃbenos hoy mismo.