Webex Teams Security
A vulnerability in Cisco Webex Teams could allow an unauthenticated, remote attacker to manipulate file names within the messaging interface. The vulnerability exists because the affected software mishandles character rendering. An attacker could exploit this vulnerability by sharing a file within the application interface. Microsoft Teams has more extensive features in its free plan than Cisco Webex Meetings. Microsoft Teams and Cisco Webex Meetings have different levels of security but Webex provides better end-users control when it comes to management than Microsoft Teams. You need to consider what your company prioritizes. By default, all Webex customers get end-to-end encryption with dynamic keys stored in the cloud KMS, in Cisco's security realm. Hybrid Data Security moves the KMS and other security-related functions to your enterprise data center, so nobody but you holds the keys to your encrypted content.
-->- Webex asks you if you want to allow Cloud App Security access to your team information, activity log, and perform activities as a team member. To proceed, click Allow. Back in the Cloud App Security console, you should receive a message that Webex was successfully connected. Make sure the connection succeeded by clicking Test API.
- Cisco rolls out fix for Webex flaws that let hackers eavesdrop on meetings Security flaws found as Web conferencing spikes because of work-at-home routines. Dan Goodin - Nov 18, 2020 7:35 pm UTC.
As a communication and collaboration platform, Cisco Webex Teams enables streamlined communication and collaboration across your organization. Using Cisco Webex for your data and assets exchange may expose your sensitive organizational information to external users, for example, in chat rooms where they may also be participating in a conversation with your employees.
Connecting Cisco Webex Teams to Cloud App Security gives you improved insights into your users' activities, provides information protection detections, and enables automated governance controls.
Main threats
- Compromised accounts and insider threats
- Data leakage
- Insufficient security awareness
- Ransomware
- Unmanaged bring your own device (BYOD)
How Cloud App Security helps to protect your environment
Control Cisco Webex Teams with built-in policies and policy templates
You can use the following built-in policy templates to detect and notify you about potential threats:
| Type | Name |
|---|---|
| Built-in anomaly detection policy | Activity performed by terminated user (requires AAD as IdP) Multiple failed login attempts Ransomware detection Unusual file deletion activities Unusual file share activities Unusual multiple file download activities |
| File policy template | Detect a file shared with an unauthorized domain Detect a file shared with personal email addresses Detect files with PII/PCI/PHI |
| Activity policy template | Mass download by a single user Potential ransomware activity |
For more information about creating policies, see Create a policy.
Automate governance controls
In addition to monitoring for potential threats, you can apply and automate the following Cisco Webex Teams governance actions to remediate detected threats:
Webex Security Best Practices
| Type | Action |
|---|---|
| User governance | - Notify user on alert (via Azure AD) - Require user to sign in again (via Azure AD) - Suspend user (via Azure AD) |
| Data governance | - Trash file |
For more information about remediating threats from apps, see Governing connected apps.
Protect Cisco Webex Teams in real time
Review our best practices for securing and collaborating with external users and blocking and protecting the download of sensitive data to unmanaged or risky devices.
Webex Security Concerns
Next steps