Joe - Can you share more details on how you have seen this happen? What exactly is the use case happening?
I am reading this as not respecting permissions for contributing content in a community. If that is the case, isn't this a pretty serious bug not an enhancement?
Thanks for the clarification.
1 person found this helpful
It would be a situation where someone edited a document, disconnected it from the community, then published it to a different Jive community they were a member of.
My perspective is that it isn't a situation where someone would accidentally make this choice. It actually takes quite a few steps to accomplish. And if someone is going to do that, they can just as easily:
- Save the file locally, dump to a thumb drive and take it wherever
- Save the file locally and use a personal Gmail or other email to send
- Take a photo of the screen and save that - completely undetectable
The issue that Jens outlines is the one instance where I can see this being a problem. But I could see that as an accidental problem with general posts as well. "Am I logged into the correct system/private space/secret group when posting my discussion about the M&A target?"
Our security already prevents saving to a thumb drive. All access to external emails, such as GMail, is blocked. Yes, they could take a photo I suppose.
To clarify, we're not worried about an accidental posting (although I suppose one could forget to disconnect from an external JIVE community and then publish). We're worried about employees deliberately circumventing the security steps that I mentioned and using the JIVE Office Plugin as a mechanism to move corporate assets off site.
1 person found this helpful
If someone is paid to gather competitive intelligence, I suspect they would be much less worried about how they deliver the information, just that they do. And in that case, I would consider that a camera (which all of us now have on our phones) is actually a very effective delivery mechanism. Especially if it is a personal phone, which would then not be at all traceable. All the data, in one location, that can then be easily dumped to whatever delivery mechanism you want.
I've actually had these kinds of discussions with a security officer before, and he was of the opinion that there was definitely a point of diminishing returns because people that are determined to get information out of the company will find a way.
Best of luck,
The use case is this. Someone is paid to gather competitive intelligence and deliver it to an external source.
They attempt to save it to a thumb drive, but outbound (write) access via all computer ports is disabled.
They attempt to email it to themselves, but if they use corporate email a record will exist and they will be quickly caught. So, they attempt to do so via a public email server, e.g. GMail. However, all access to any such email servers is blocked.
They attempt to transfer it via a web-resident shared drive, e.g. Google Drive. However, all access to any such file shares is blocked.
Within the Jive Office Plugin, they authenticate to some external JIVE community. They click Publish. Voila! The file is transferred and in an undetected manner.
I get it. They are using a permissioned account on a different community to upload content. That is different from what I thought you had described. Thank you for the clarification!
AFAIK, Jive for Office cannot be restricted to particular accounts for Jive instances. You are able to set up any Jive account, e.g. for a partner community etc.
Nevertheless the security risk is not higher with these additional publication targets at all. If somebody wants to share internal documents with anybody outside, it is easy without the Jive for Office plugin, too! The user can also log in to another community/page/tool and upload it by hand; this is also undetected.
I would say that Jive for Office only increases the risk that somebody publishes a document by accident to another Jive instance if you have several accounts configured in Jive for Office... This risk is high when somebody publishes a document and the internal account is not the standard account.
I disagree, Jens.
We do monitor all external web sites and upload of local files is explicitly prevented. Can't get to Google Drive, Google Mail, or any other file sharing service or public email (or thumb drive). We take a lot of steps, specifically, to prevent any files from being transmitted outside of the company without explicit authorization. Unfortunately, the one known hole was publishing to an external JIVE community via this plugin. So, they've now removed it from all desktops in the company.
We *love* this plugin and found it very, very useful for collaboration and publishing. However, the only way security will allow it back into the environment is if they can control the publish target JIVE communities.
Moreover, I'm told (anecdotally, I wasn't there in person) that this was raised at an off site security forum with other industry Cybersecurity groups present. This, in fact, was how it came to the attention of our own security team and then led to it being removed. I say all this to point out that we certainly aren't the first nor will we be the last ones forbidding the use of this plugin unless this hole can be effectively plugged.
1 person found this helpful
I'm the product manager for the Jive for Office/Outlook plugins.
I'll start off by stating that you are correct, users can add any number of Jive communities, and then use them to potentially upload sensitive files.
However, I'm not sure I fully understand the security concern here:
- The Jive for Office plugin allows users to publish files to a Jive community.
- The publication is done by using the standard HTTP protocol to issue a REST API call on the Jive community side.
- The API call is similar to the API call performed by the browser (AJAX) when a user uploads a file to the Jive community through the browser (UI).
- Whitelisting a specific Jive community in the plugin will not prevent the user from uploading the same file directly via the browser.
The last bullet is an assumption, as I do not know what security controls you have in place that make Jive for Office a special snowflake to which the security controls you have do not apply.
Happy to continue this discussion to better understand the use case and need, to be able to come up with the right solution.
PS - this is the first time I'm hearing about a security concern with the plugin (in the 2+ years I've been owning it).
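The product manager's point is that the plugin and the browser both reach a Jive instance through the same kind of HTTP request, so a plugin-side allowlist leaves the browser path open. The following is an added example written for this thread (not Jive's code and not the plugin's own behaviour) of the alternative: an egress allowlist evaluated at the proxy, over a few constructed proxy log lines. It treats an upload to any Jive host outside the approved set as a blocked event regardless of which client sent it. The hostnames, the `JiveForOffice` user-agent token, the `/api/core/` path prefix and the log format are all assumptions made for the example; check the real values against your own proxy logs and Jive instance.

```python
"""Egress allowlist check over constructed proxy log lines (added example)."""
import re
from dataclasses import dataclass

# Constructed assumption: the only Jive instance the company approves publishing to.
APPROVED_JIVE_HOSTS = {"jive.corp.example"}

# Constructed proxy log format: '<client-ip> <METHOD> <url> <status> ua="<user agent>"'
LOG_RE = re.compile(
    r'^(?P<ip>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3}) ua="(?P<ua>[^"]*)"$'
)


@dataclass
class Finding:
    ip: str
    host: str
    client: str   # "office-plugin", "browser" or "other"
    verdict: str  # "allow" or "block"


def host_of(url: str) -> str:
    """Return the lower-cased hostname of an http(s) URL, or '' if it has none."""
    m = re.match(r"^https?://([^/:]+)", url)
    return m.group(1).lower() if m else ""


def classify_client(user_agent: str) -> str:
    """Label the client from its User-Agent. The 'JiveForOffice' token is an
    assumption for the example; the plugin's real User-Agent is not known here."""
    if "JiveForOffice" in user_agent:
        return "office-plugin"
    if "Mozilla" in user_agent:
        return "browser"
    return "other"


def evaluate(log_lines):
    """Apply the allowlist to every upload aimed at a Jive content API.

    Only POST/PUT requests whose path contains the assumed Jive REST prefix
    '/api/core/' are considered uploads; everything else is ignored.
    The verdict depends solely on the destination host, not on the client,
    which is the property a plugin-side allowlist cannot provide.
    """
    findings = []
    for line in log_lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # unparseable line: skipped, not silently allowed
        if m["method"] not in ("POST", "PUT"):
            continue
        if "/api/core/" not in m["url"]:
            continue
        host = host_of(m["url"])
        verdict = "allow" if host in APPROVED_JIVE_HOSTS else "block"
        findings.append(Finding(m["ip"], host, classify_client(m["ua"]), verdict))
    return findings


def blocked_uploads(findings):
    """Return (ip, host, client) for every upload the allowlist rejected."""
    return [(f.ip, f.host, f.client) for f in findings if f.verdict == "block"]


# Constructed sample traffic: one approved plugin upload, one plugin upload to a
# partner instance, one browser upload to the same partner instance, and two
# requests that are not uploads at all.
SAMPLE_LOG = [
    '10.0.0.5 POST https://jive.corp.example/api/core/v3/contents 201 ua="JiveForOffice/1.0"',
    '10.0.0.5 POST https://partner.jive.example/api/core/v3/contents 201 ua="JiveForOffice/1.0"',
    '10.0.0.7 POST https://partner.jive.example/api/core/v3/contents 201 ua="Mozilla/5.0"',
    '10.0.0.7 GET https://partner.jive.example/api/core/v3/people 200 ua="Mozilla/5.0"',
    '10.0.0.9 POST https://jive.corp.example/login 302 ua="Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in evaluate(SAMPLE_LOG):
        print(f"{f.verdict:5} {f.ip:10} {f.client:14} -> {f.host}")
```

Run as-is it reports the corporate-instance upload as allowed and both partner-instance uploads as blocked, the plugin one and the browser one alike. That is the shape of control this thread is really asking for: the decision sits at the network boundary on the destination, so removing the plugin from desktops is not needed once the proxy only permits the approved Jive hosts.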