The question of how to prevent data loss has been a primary concern for organizations for quite some time. As the amount of data organizations create, hold, and share has increased, so has the range of tools available to help them secure it. However, most of these tools have one key failing for the modern workplace: They can’t prevent data loss for information shared on collaboration tools.
What are collaboration tools, and why do we use them?
Collaboration tools such as Slack or Microsoft 365, but also platforms where we work together such as Jira, Atlassian, or even Monday.com have become an essential part of most organizations’ IT. They allow dispersed teams separated by geography and time to work together both in real time and asynchronously.
Collaboration tools now account for well over half of all business communication, distributing data across any number of platforms, introducing external users to company systems, and changing data flows, making their security a major headache.
No organization, no matter how big or small they are, can afford to ignore the risk of data loss. But traditional data loss prevention programs are often viewed as more of a burden than a benefit, and organizations choose to go without them. At Reco we believe that efforts to prevent data loss shouldn’t be a compromise.
How to prevent data loss from collaboration tools
At Reco, we help organizations prevent data loss from their collaboration tools (and other tools too). Our solution is designed specifically for modern businesses who use an extensive range of collaboration tools in their everyday operations.
By analyzing context, not content
Reco analyzes the business context, not the content of interactions and files. This enables the AI tool to understand who works with who both internally and externally, and identify legitimate actions as a default, only alerting for exceptions. This reduces the volume of blocked interactions, enabling the organization to flow at its usual pace.
By reducing reliance on humans
Reco’s AI engine is designed to analyze the business context with limited human interaction. The engine is able to independently identify when the business context has changed (for example when someone has left the organization, when a new contractor is given access to a specific system or tool, or when the organization begins working with a new customer), and review and update rules accordingly, once again allowing employees to work together at their natural rhythm.
By following the data
Reco is designed especially for collaboration tools, understanding the way employees use them, and establishing ways to secure their activities. By following the data, Reco can understand how the data is shared between users and identify when a user is trying to bypass the rules, for example by using non-sanctioned applications (shadow IT) to share sensitive information with an unauthorized person.
Why traditional data loss prevention tools don’t work for collaboration tools
As the use of collaboration tools has grown, many organizations have simply tried to adapt their existing methods for preventing data loss to these tools. However, many of these traditional data loss prevention tools were created before the explosion of collaboration tools, and are designed based on a set of principles that are incompatible with collaboration as we know it today.
They are manually intensive
Many data loss prevention tools are manually intensive, relying on centralized IT teams to manage alerts and resume data flows. However, the rise of asynchronous working means that most collaboration now takes place in moments, not meetings, and as employees work in different time zones, or at unusual hours they may require IT support out of hours. When they can’t access IT support in real time, they either have to abandon their task and wait until it can be resolved, or find a different solution. Either way, the natural pace of business has been interrupted.
They use static, predefined rules which rapidly expire
Traditional data loss prevention tools rely on static, predefined rules. These rules need to be created manually, which takes considerable time. But in the fast-paced modern enterprise, the rules constantly change, and the predefined rules are quickly out of date, requiring constant review and update to keep the business moving.
They make decisions based on the data’s content, not the business context
Traditional data loss prevention tools rely on the content of data rather than the business context. By following the content, they are reliant on each piece of data being correctly assigned a sensitivity tag (external, internal, confidential, and so on), a task which may not always be completed accurately. They are also limited in their ability to follow data through systems, especially when a piece of data is not assigned a tag.
They make outdated assumptions about data
Traditionally, organizations created data, saved it in one centralized storage system, and accessed it from that storage point when they needed it. Collaboration tools have introduced the concept of distributed data, meaning that data can be held or accessed from many different systems or applications, and employees may simply not know who has access to what. If employees have no idea, systems which rely on information fed to them by humans will also not know where all the data is.
Prevent data loss in your collaboration tools today
At Reco, we call this ability to secure collaboration tools collaboration security. We believe that while the modern enterprise must be able to prevent data loss in their ever-increasing stack of collaboration tools, their security shouldn’t be a business blocker.
We believe that the future of security is to secure the collaboration activity as it takes place, taking into account how employees prefer to work and use the tools available to them, and ultimately empowering them to make the right security decisions regarding their own work (and catching them when they don’t).
Contact us to discover how our approach and tool could help your organization today.
Gal Nakash, Co-Founder & CTO
Gal is a former Lieutenant Colonel in the Israel Prime Minister’s Office. A tech enthusiast, Gal’s background is as a Security Researcher and Hacker.
Gal has led teams in multiple cybersecurity areas with expertise in the human element of cybersecurity.