Team collaboration: the hidden and not-so-hidden costs of guest accounts

Team collaboration tools are changing the world of work. Especially since pandemic lockdowns, they have opened the door to enhanced productivity and communication with partners and customers. In a world where digital has become the new normal, these tools are fast-becoming mission critical. However, there are hidden challenges to embracing this new way of working. When internal and external users don’t share the same platform, many are forced to opt for guest accounts.  

This can create unnecessary security, compliance, governance, and administrative challenges, not to mention a huge financial drain for organizations. To tackle these issues there is NextPlane, which allows users to collaborate internally and externally without leaving their preferred platforms. No more shadow IT, and no more gratuitous spending on guest accounts. 

No stopping team collaboration 

The popularity of team collaboration tools has soared in recent months. Microsoft recently announced that its Teams platform reached 115 million daily active users in October, which is up over 50% since April. A separate report from analyst Nemertes Research reveals that over 60% of organizations have already adopted team collaboration apps, and the figure will rise to 67% by 2021. Increasingly, these tools aren’t just being deployed to communicate internally, but also with external partners, contractors, and customers. NextPlane data shows that for half (49%) of organizations, business is being discussed or transacted with users from outside the company on team collaboration platforms rather than email.  

If employees are all using the same platforms, then there’s nothing to worry about. However, unfortunately, this isn’t the reality today. In fact, nearly 42% of organizations run more than one team collaboration app internally, according to Nemertes Research. These platforms don’t interoperate, which can cause significant challenges. 

What happens now? 

So what do you do? 

The first option would be to purchase full accounts and licenses for any external team members. However, that could end up being prohibitively expensive and comes with additional administrative headaches as that user would need a corporate email address and specific access rights assigning. An increasingly popular plan B is to resort to the guest accounts offered by most platforms today. There’s just one problem: these come with their own costs. 

The cost of guest accounts 

Guest accounts individually may seem like a trivial cost to bear. But these soon mount up once you calculate that hundreds or even thousands of users may need access, and that over two-fifths of organizations run multiple collaboration apps, meaning one user may need several guest accounts. So, what might the financial burden be? 

Slack guest accounts are not free, contrary to popular belief. In fact, Slack multi-channel guest accounts cost between $4 and $7 per user per month. Rackspace recently discovered that, since January 2020, its users have given out nearly 46,000 Slack guest accounts, at the cost of over $550,000 per quarter. 

Microsoft Teams offers guest access to an organization’s existing teams and channels. Guests in Teams can participate with full access to team chats, meetings, and files and a cost of between $3 and $6 per user per month.  

According to a McAfee study of its customers, an average of 2,906 guests are being added each month to Microsoft Teams by team owners and administrators. With an average of 367 teams added each month, the cost of new guest accounts is close to $6 million per month across this sample customer base alone. 

Cisco Webex Teams external accounts are free. However, managing external accounts requires a Cisco Webex Control Hub Pro Pack, which comes at an additional cost of over $30 per user per month. 

To these, we can add the productivity costs of users being forced to switch between and learn different user interfaces. Then there’s the extra administrative burden for IT. Microsoft, Slack, and Cisco allow IT to delete or remove guest accounts. But with contractors, interns, temps and customers coming and going all the time, the time and effort needed to manage these could be prohibitive.  

The hidden costs 

Unmanaged guest users are also a Chief Information Security Officer’s (CISO) worst nightmare. Without controls in place to monitor and regulate what they’re doing, users may: 

• Accidentally or deliberately share sensitive material with guest users 
• Unwittingly post infected files, potentially leading to data loss or malware uploads 
• Use Teams alongside integrated third-party applications which pose a security threat 

It must also be noted that without proper IT oversight, guest access could be left active even after a user has left an organization, allowing them to retain access to confidential information. Further, Slack, Microsoft Teams, and Cisco Webex Teams either don’t offer, or don’t provide by default, multi-factor authentication (MFA), meaning accounts could be hijacked via phishing or brute force attacks.   

What does this mean? 

While some team collaboration platforms allow IT to delete guest accounts assigned to external users, it’s likely that many of these remain active long after an individual has left their organization or changed roles. What’s more, administrators have no idea what their own users are doing on the guest accounts provided to them by external contacts. Their activity on these platforms remains an impenetrable black box, escalating cyber-related risk.  

Security gaps like these and those listed above could lead to serious security breaches. Nearly a third (30%) of data breaches analyzed by Verizon in 2020 were the result of internal actors. Most were likely caused accidentally, but malicious intent is not uncommon and can be motivated by money, corporate espionage, or even a workplace grudge.  

The cost of breaches 

According to IBM, the estimated global cost of a data breach stands at almost $3.9 million, rising to $8.6m in the US. However, costs can escalate significantly depending on the number of records stolen. A separate report claims that the cost of insider breaches has risen 30% since 2018, to stand today at over $11.4 million. It’s said to take more than two months on average to contain such an incident.  

Some of the expected impacts of a serious data breach include: 

• Regulatory fines (e.g., CCPA, GDPR) 
• Damaged brand reputation 
• Customer attrition 
• Negative impact on share price 
• IT overtime costs 
• Cost of remediation, clean-up, and response 
• Legal costs 

NextPlane—Collaboration Without Boundaries—Connect. Any Team. Anywhere. 

The answer to these challenges is NextPlane. 

NextPlane enables users on different team collaboration platforms to connect with their colleagues, clients, and partners inside or outside the enterprise.  

Users can chat and DM each other with rich text, GIF, and emoji reactions, share presence status, participate in channels, and share files without leaving their preferred platforms. That means: 

• There’s no need to buy expensive guest accounts for external collaboration 
• Your internal users can stay on corporate sanctioned collaboration platforms, boosting security and compliance 
• Employee productivity is enhanced because your users and their external colleagues can stay on their preferred platforms 
• IT administrators are freed from making numerous decisions around who should be allowed to be a guest, what they should be able to access, and the duration of their guest access privileges 

Using NextPlane, companies, such as IBM, Novo Nordisk, Ericsson, Emerson, and others, have saved millions of dollars by not purchasing guest accounts.