kras99 - stock.adobe.com
Top 5 collaboration features to disable for security reasons
Most enterprises lack sufficient collaboration security strategies. Instead, companies are disabling features to improve security. Learn which features are most often disabled and why.
Vendors continually roll out new collaboration applications, using technologies such as AI to gain competitive advantage even as they deliver new features, among them connected workspace applications.
The torrent of products, however, creates collaboration security challenges for those responsible for governance, security and compliance. They must ensure that any new app or feature introduced to the workplace is done so in a manner that minimizes risk. At the same time, any failure to proactively support new collaboration capabilities may result in employees using tools outside of IT control.
Companies react to attacks on their collaboration apps
Metrigy's "Workplace Collaboration and Contact Center Security and Compliance: 2024-25" global study of 338 organizations highlights these concerns. Almost 21% of participants said their company's collaboration applications have been attacked, an increase of more than 40% from 2023 and nearly a threefold increase from 2021.
In response, half of companies polled now mandate that chief information security officer teams approve deployment of new collaboration applications, with another 43% having their teams provide guidance for evaluating new apps. Yet, in 2024, just 35% of companies had a formal program that covered security, governance and compliance of their collaboration applications, a number that barely budged from 2023.
The lack of a formal collaboration security program is leading a growing number of companies to simply disable collaboration features or block apps they are unable to manage. Among poll participants, 30% block apps or disable features -- more than double taking the same step in 2021. Blocking or disabling apps and features is most prevalent in regulated organizations that often lack the tools required to ensure security and compliance for new features and collaboration modalities. Let's explore the most commonly disabled features.
1. Meeting recording
Most all meeting apps now let participants record a meeting. Companies with proactive security, governance and compliance strategies use clearly defined policies and procedures to cover the retention, archiving and access of these recordings. Those without a policy run the risk that recordings leak out of the company or may be accessible by those who shouldn't be able to access them. No company wants a recording of a sensitive meeting to be universally available throughout the organization, where it may be leaked beyond corporate boundaries.
2. Generative AI features
Generative AI features in collaboration apps include the ability to summarize documents and create content. Just 38.5% of companies in the study have a proactive strategy in place to ensure generative AI accuracy, classify documents, retain content and protect against data leakage.
Companies often block access to generative AI features, such as copilots and virtual assistants. This often leads employees to use publicly available tools, such as ChatGPT and Google Gemini, to obtain the technology's potential productivity benefits.
3. Meeting transcription and summarization
A primary use for generative AI is to automatically transcribe and summarize meetings, eliminating the need for manual note-taking. Some meeting and transcription tools can also identify and assign follow-on tasks. Meeting transcription and summarization present the same risk as meeting recording: Transcripts require classification and application of appropriate retention and data protection controls to meet compliance requirements and to minimize data leakage.
Accuracy of attribution is another risk. No AI meeting assistant is 100% accurate, and therefore, transcripts may contain errors in capture and attribution, potentially creating additional dangers and the need to keep recordings to validate transcription accuracy.
4. In-meeting chat and in-app chat
Chat within meetings -- or within apps such as project and task management tools -- creates several challenges, among them ensuring that conversations are captured for compliance purposes and that IT administrators have the capability to protect against harassment that may occur within chats.
5. Virtual whiteboards
Virtual whiteboard apps enable distributed teams to work together on a shared canvas. Apps are available within most meeting platforms, as well as from a variety of standalone providers. Some companies may wish to disable built-in virtual whiteboard apps if they lack the means to protect potentially sensitive content generated on them -- e.g., product designs or other intellectual property -- or if they lack the means to retain virtual whiteboard content for compliance purposes.
To minimize risk and achieve maximum ROI for collaboration, companies should establish a proactive collaboration security strategy that assesses potential risks and protects against them. Consider whether risk mitigation may include the need to disable specific collaboration features in your environment.
Irwin Lazar is president and principal analyst at Metrigy, where he leads coverage on the digital workplace. His research focus includes unified communications, VoIP, video conferencing and team collaboration.