Enterprise Intranets: How Well Are You Protected?

Written by sandra-lupanova | Published 2019/11/29

Intranets are vital communication hubs for many companies. According to Simpplr’s Employee Engagement Statistics: 2018, over 70% of professionals involved in employee engagement and internal communications consider intranets to be an essential aspect of their strategy. Indeed, it is on corporate intranets that employees not only collaborate but also share their ideas and express their opinions on everything that happens in a company.
Given the collaborative nature of intranets, within a few months of launch they become home to huge volumes of corporate content, from documents and manuals to onboarding guides and sensitive corporate data. This is exactly what makes intranets a weak point and an attractive target for malicious external and internal users: the opportunity to monetize access to enterprise content is alluring.
Now, let’s explore some of the potential security risks within intranet environments, as well as take a look at possible preventive measures against malicious activities and security best practices to protect your corporate collaboration hub.

Threats are not theoretical

Year after year, the number of security violations keeps rising. For many businesses, it’s already a question of ‘when’ not ‘if.’ According to Accenture’s Ninth Annual Cost of Cybercrime Study, the number of breaches is up by 11% since 2018 and by 67% since 2014.
What’s worse, Clearswift Insider Threat Index 2017 showed that over 40% of security incidents come from within the organization. Although it’s fair to note that the majority of security incidents are accidental, it doesn’t reduce the damage they cause to companies’ digital assets and reputation. 
It’s worth mentioning that even businesses with strong security in place aren’t immune to cyber attacks. For example, Citrix’s internal network was breached in 2018, surrendering access to over six terabytes of data. It is ironic given that Citrix is a company that enables secure internal networks. The attack vector for this breach was mundane, as hackers exploited weak passwords, which showcases a persistent security issue that can’t always be mitigated by technology.
As you can understand, corporate intranets can’t stay away from security matters. With so much valuable content in databases, they are cyber-world titbits. When it comes to breaching a corporate portal, there are plenty of ways to do that: 
Applying a brute-force attack. An attacker tries hundreds or thousands of random passwords in the hope of finding the right one and getting access to a user account. This is where weak passwords can cause big trouble.
Exploiting web application vulnerabilities. In this case, an attacker takes advantage of a web app’s flaw to access its database, disturb its operation, or use it as a path to other corporate resources. For example, broken authentication can let attackers access an intranet by leveraging exposed users’ credentials or session IDs.
Exploiting vulnerabilities in outdated software. Obsolete software with unpatched vulnerabilities behind an intranet can leave a loophole for hackers to sneak in. 
Phishing. It is an old but very effective tactic, especially since many employees aren’t attentive or knowledgeable enough to recognize a phishing attempt.
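To make the brute-force item above concrete from the defender's side, here is an added example (not code from the article or from any intranet product) that scans login events for a burst of failures against one account and for a successful login that follows such a burst. The log format, the five-minute window and the threshold of five failures are assumptions, and the log lines are constructed sample data.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: timestamp, account, source IP, outcome.
SAMPLE_LOG = """\
2019-11-29T08:10:00 bob 10.0.0.21 FAIL
2019-11-29T09:00:01 alice 203.0.113.7 FAIL
2019-11-29T09:00:03 alice 203.0.113.7 FAIL
2019-11-29T09:00:05 alice 203.0.113.7 FAIL
2019-11-29T09:00:07 alice 203.0.113.7 FAIL
2019-11-29T09:00:09 alice 203.0.113.7 FAIL
2019-11-29T09:00:11 alice 203.0.113.7 FAIL
2019-11-29T09:00:14 alice 203.0.113.7 OK
2019-11-29T09:20:00 bob 10.0.0.21 FAIL
2019-11-29T09:20:30 bob 10.0.0.21 OK
"""

WINDOW = timedelta(minutes=5)  # assumed look-back window
THRESHOLD = 5                  # assumed failures per account within WINDOW


def detect_bruteforce(log_text, window=WINDOW, threshold=THRESHOLD):
    """Return alerts as (kind, account, source_ip, timestamp) tuples."""
    recent_failures = defaultdict(deque)  # account -> timestamps of recent failures
    already_flagged = set()               # accounts with an open brute-force alert
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_raw, account, ip, outcome = line.split()
        ts = datetime.fromisoformat(ts_raw)
        fails = recent_failures[account]
        # Drop failures that have aged out of the sliding window.
        while fails and ts - fails[0] > window:
            fails.popleft()
        if outcome == "FAIL":
            fails.append(ts)
            if len(fails) >= threshold and account not in already_flagged:
                already_flagged.add(account)
                alerts.append(("bruteforce", account, ip, ts_raw))
        elif outcome == "OK":
            # A success right after a burst suggests the guess landed.
            if len(fails) >= threshold:
                alerts.append(("success_after_burst", account, ip, ts_raw))
            fails.clear()
            already_flagged.discard(account)
    return alerts
```

The second alert type is the one to escalate first: it marks an account whose password was probably guessed, as opposed to one that was merely targeted.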

Turning on intranet protection 

So what are the feasible ways to maintain a secure intranet? Luckily, software companies have been fighting this war for a while, and many intranet solutions, like SharePoint, offer must-have security features out of the box. To ensure basic protection of your corporate portal, your intranet developers therefore just need to enable and adequately configure these default tools. To take the next step in their intranet security, companies can consider additional protection measures. Here are a few of them.
Email filtering
Standard email filters might not suffice when your intranet includes thousands of users and multiple potential breach points. That’s why using a custom email filtering service is always a good safety measure. Many intranet products include either built-in or integrated email filtering tools.

For example, companies that run their intranets on Office 365 and have their SharePoint Online integrated with Exchange Online can leverage cloud-based email filtering capabilities of Microsoft Exchange Online Protection (EOP). It can be configured to include additional messaging policies, which prevent specific types of potentially harmful emails from going through. It can also be used in a hybrid environment, where some of your inboxes are hosted in the cloud and some are on-premises. 
Protection against cross-site scripting
Cross-site scripting (XSS) attacks inject malicious code into a web application. This is a popular method of gaining additional access rights or hijacking user accounts in order to penetrate the application secretly, which makes XSS an effective attack tactic in the hands of hackers who target intranets.
Luckily, many intranet platforms already include cross-site scripting defenses. For example, Confluence doesn’t allow any raw HTML to be inserted into a page. Additionally, any HTML uploaded as a file attachment won’t be executed as code but will remain a file to download. Finally, Confluence limits HTML editing capabilities to intranet admins only.
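The three behaviours described above (no raw HTML from ordinary users, uploaded HTML served as a download, raw HTML editing for admins only) can be sketched as follows. This is an added example, not Confluence's implementation; the function names and the sample input are hypothetical and constructed for illustration.

```python
import html
import re


def render_user_content(body, author_is_admin=False, raw_html_requested=False):
    """Return markup that is safe to place inside an intranet page."""
    if raw_html_requested and author_is_admin:
        # Only admins may publish raw HTML; their markup passes through.
        return body
    # Everyone else: angle brackets and quotes become inert text.
    return html.escape(body, quote=True)


def attachment_headers(filename):
    """Response headers that make a browser save an upload instead of rendering it."""
    # Keep a conservative character set so the name cannot break out of the
    # quoted header value or smuggle CR/LF into the response.
    safe_name = re.sub(r"[^A-Za-z0-9._-]", "_", filename) or "download"
    return {
        # Generic binary type: the browser has no reason to treat it as a page.
        "Content-Type": "application/octet-stream",
        # "attachment" forces a download dialog instead of inline display.
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        # Stops the browser from sniffing the body and deciding it is HTML.
        "X-Content-Type-Options": "nosniff",
    }


# Constructed sample input representing untrusted user content.
UNTRUSTED = '<script>alert("xss")</script>'
```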
Physical data security
Some intranet providers even choose to go the extra mile and tighten up their physical security. For instance, Samepage keeps all of its intranet data centers in the United States to limit potential attacks from other countries with less strict security measures. Such solutions won’t work for companies from the EU, as they have to comply with GDPR and store their data in Europe. Still, this can provide additional peace of mind to US-based companies. 
Content protection
As mentioned before, a great number of cyber attacks come from within the organization and internal networks. The more people have access to a solution and its content, the less secure it is.
That’s why applying secure content exchange techniques is a must to maintain a high level of security. Owners of SharePoint Online-based intranets within Office 365 can use Azure Rights Management Service, which helps intranet admins both encrypt content and apply specific restrictions to it, for example, to limit file forwarding via email. 

Security training can be the key

Organizations can apply plenty of methods to fortify their intranets. Keeping intranet software updated and applying the latest security patches is a minimum action every intranet owner should take to ensure that it doesn’t provide easy access to malicious actors.
Companies that look for higher levels of intranet safety should consider going beyond basic measures and implement advanced data protection and security monitoring features, such as data leak prevention (DLP) and advanced threat protection (ATP), as well as integrating the intranet with dedicated security solutions, such as Security Information and Event Management (SIEM) systems.
At the same time, security training remains an extremely effective yet often neglected security measure. If conducted regularly, security training raises the overall security awareness of intranet users and explains to them how to prevent a whole range of security incidents, particularly those based on social engineering techniques.

Intranet security should become your priority 

Companies that implement and run an enterprise intranet may feel like there is a target painted on their back, since intranets are highly attractive for cybercriminals. To stay on the safe side, it’s important to follow the development, customization, and integration requirements listed by intranet vendors. Organizations also have to keep in mind that intranet security isn’t a one-time measure but an ongoing activity that should be supported with relevant security tools and coupled with regular user training.


Written by sandra-lupanova | SharePoint and Office 365 Evangelist
Published by HackerNoon on 2019/11/29