3 Strategies for Safe Collaboration in the Cloud

(This article I wrote was originally published on Reworked)

With 99% of businesses expected to be using at least one SaaS by the end of 2023, it's critical to ensure collaboration is secure. A framework to get started.

By the end of the year, virtually every company — 99% to be exact — will use one or more SaaS solutions. A move to the cloud opens the door to greater collaboration and efficiency, but it also can let in internal and external security threats. With 95% of cybersecurity breaches caused by human error, and the average cost of a data breach expected to surpass $5 million in 2023, how can organizations make it easy for employees to work together while at the same time keeping their digital workplace secure? 

Here are three strategies organizations can implement today to make it easy for people to collaborate securely in the digital workplace. 

Set the Foundation: Implement Robust Data Security Policies

The first step is to implement policies that minimize the risk of an accidental data breach. Think of bumpers on a bowling lane: You can play without them, but you run a high risk of rolling a gutter ball — which in our case is exposing the organization to a data breach. By always keeping the bumpers up, employees are guided to do the right thing without having to think about it. You increase their chances of bowling a strike, or giving them the freedom to innovate, without incurring as much risk. 

Sixty-four percent of organizations agree their exposure to data loss from cyberthreats has increased with the growth of employees working from home, according to Dell. Business-critical data must be secured at every juncture. By taking a Zero Trust approach to data access by mandating identity verification for both internal and external users before they can access essential data or workspaces. While this may add an extra step for users, policies like the Zero Trust architecture can play a key role in preventing employees from making costly errors. 

Keep Your House Clean: Automate SaaS Security Checks

Next, maintain the safety of your SaaS environment by avoiding data sprawl. For example, automate lifecycle management of collaborative workspaces, external user management and other data that may lose relevance over time. That lowers the risk of outdated workspaces and users being breached. Let’s say you’re using Microsoft 365 as your collaboration solution and you’ve recently terminated an external agency partnership; it's critical to remove those users from the tenant quickly and efficiently, so they no longer have access to proprietary data. Similarly, it’s a good idea to monitor usage and terminate any inactive sites, teams or channels.

When it comes to monitoring suspicious activity, organizations can also implement technology to help stay on top of your entire environment and flag any suspicious activity. Having this technology in place not only fortifies the bumpers from our bowling analogy — adding another layer of security to employee collaboration — while also providing privacy and data security teams the opportunity to take action early in the event of a breach. 

Include the Entire Neighborhood: Train and Educate Your Employees

Third, educate your employees. Eighty-two percent of data breaches involve a human element, including phishing and the use of stolen credentials. Knowing what to look out for is half the battle. A simple, but effective way to secure your organization's vital data is scheduling regular security trainings so privacy and information security teams can teach employees about these targeted threats. 

Another vital aspect is educating employees on how and why security policies are supporting, not hindering, their day-to-day work. Not everyone likes to bowl with the bumpers up, but when a gutter ball can cost an organization millions of dollars and hours of recovery time, it’s better to be safe than sorry. When employees understand what's at stake and how these policies can help them accelerate their innovation and productivity in a safe way, they'll typically be happy to comply.

Bring It All Together: Making the Most of Generative AI … Safely

We’re seeing this play out in real time with the rapid rise of generative AI use in the workplace. Generative AI offers great promise to save time and spark new ideas. At the same time, inadvertent leaks of proprietary information, creation and use of misinformation, and loss of control over your data are all real risks that need to be accounted for. Microsoft CEO Satya Nadella has stated that by 2025, 10% of all data will be produced by generative AI. This creates a huge amount of risk and makes it even more critical for organizations to have these bumpers in place to guide the way.

Many companies are deciding to ban or block the use of AI until further notice. All that may do is lead people to use it on their non-work devices, which can open you up to even greater risk. I believe if you use the same principles I shared above, you can make AI work. First, ensure that your organization implements policies to secure the business-critical data your employees will create. Next, automate data lifecycle management so you can keep a close eye on what is relevant amid the AI powered influx of data. Finally, educate your employees and have constant conversation about how the organization is empowering them to use new technology safely and securely.

It’s time to embrace the future with confidence, guided by effective strategies that help employees collaborate safely and securely in the digital workplace.