Perception of Cyber Security of MS Teams:

Safety of Information

____________________

A Research Paper

Presented to the Senior High School Department

Cebu Institute of Technology University

Cebu City, Philippines

____________________

In Partial Fulfillment

of the Requirements for Practical Research 2

Quantitative Research

____________________

by

Alcontin JR., Raymundo C.

Badana, Rhea Lou A.

Espada, Ehrica Jynne M.

Lingaolingao, Alysssandra Blanche

Pusing, Joshua Daniel B.

Raganas, Yancy Gabriel

Tabasa, Martin John V.

Taghoy, Ron Luigi F.

October 2021
 Table of Contents

Page

Abstract iii

Acknowledgement iv

List of Tables vi

List of Figures vii

Chapter 1 INTRODUCTION 1

1.1 Background of the Study/Rationale 1

1.2 Problem Statement 2

1.3 Scope and Limitation 3

1.4 Purpose of the Study 4

1.5 Definition of Terms 5

 Chapter 1
INTRODUCTION

1.1 Background of the Study

Schools can now deliver efficient classroom training through the Web in this
age of technological innovation (Paul and Jefferson, 2019). Since the lockdown,
students are not allowed to go to school Face to face because of the Global
Pandemic coronavirus disease of 2019. Schools found a way to make students
attend classes without going outside, and that is Online Classes. An internet
connection has been crucial in globalization to enhance human activities in
various economic, cultural, defense, and many others (Fallows, 2004). Many
learning platforms can continue the education of the students. MS Teams is one
of the learning platforms that teachers use in educating and communicating with
the students.

MS Teams brings all the other products together, gets users collaborating,
and opens several lines of communication all from a single interface (Petters,
2020). MS Teams has many functions like Creating a channel, sharing files,
chatting, and video sharing. MS Teams need data to access these functions, and
so that is where the problems come in Data Safety. According to Jones (2021),
DataData is at the heart of every organization, so the tools we use in the
workplace must keep our data secure and protect its integrity. One Misclick in
MS Teams can make your data accessible and exposed to anyone on the
internet. Students and teachers must always take precautions to safeguard their
Data to avoid various types of Cyber Attacks such as Phishing and Data
Extortion.

Students and Teachers must also back up their data just in case since there
are attackers who can access your Data if they have licenses and are also part of
 2

the team/channel you belong to. Furthermore, Grant (2021) added that the
attacker could disguise themselves as the victim and send emails and messages
on their behalf, potentially allowing them to conduct further social engineering
attacks within the organization.
 3

Rationale

(Tabasa) Since classes have been suspended due to Covid-19, the

global lockdown of educational institutions has had a tremendous impact on
students (Burgess & Sievertsen, 2020). Due to the epidemic, online
environments have become the new learning system since holding a regular
class that is face-to-face is prohibited. The school is looking for alternative
learning platforms to ensure that pupils' education is not interrupted. Microsoft
Teams serves as the educational platform on which instruction takes place.

(Tabasa) Students and teachers will better understand the security of Ms Teams'
information as a result of this study. Before we begin, let us define Ms Teams.
According to the Microsoft website, Ms Teams is a web-based communication
tool that enables businesses and others to collaborate effectively. Ms Teams
includes a quick tool for finding or creating channels, sharing files, making
announcements, a quick calendar tool for finding scheduled meetings, a rapid
activity tool for reading unread conversations, and Replies. (Alcontin) And to this
end, we'd like to educate students on the data collection practices of Microsoft
Teams. The following data is collected: conversations, census data, user data,
call history, shared files, and images.

(Alcontin) While the primary objective is to raise public awareness of information

security, which can be an issue in identity theft, data extortion, equipment theft,
and even unauthorized access to communications, external threats are a
significant risk for Microsoft Teams. Threats may emerge from anyone opening a
website, creating an account, spamming links, or engaging in suspicious
behavior that allows them to access the victim's information. In this case, we
cannot rely on Microsoft Teams because it is vulnerable enough to be used by
anyone everywhere for personal conversations.
 4

(Tabasa) However, the Microsoft Ignite website states that they require two-
factor authentication at the team and organizational levels and single sign-on via
Active Directory and data encryption in transit and at rest. SharePoint encryption
safeguards the files that are stored in SharePoint. OneNote securely holds and
protects notes. The OneNote data is stored on the team's SharePoint site.
Additionally, the Wiki tab can be used to take notes, and its contents are stored
on the team's SharePoint site. Additionally, Ms Teams used ATP in SharePoint
and OneDrive. ATP enables you to detect whether the content contained within
these programs is harmful and to block users from viewing it.

(Tabasa) Regardless of the price of your device, you must understand the critical
nature of cyber security. Cyber security can safeguard various types of data,
including private information, government information, personal data, and
sensitive data. (Alcontin) Microsoft Teams is one of the most secure options
available and may store a significant amount of sensitive company data in shared
files and personal chats. However, attackers are constantly looking for novel,
sophisticated methods of breaking into even the most secure systems (Jones,
2021).(Tabasa) Without cyber security awareness, you put yourself in danger
and increase your vulnerability to attackers. Lack of understanding about cyber
security puts you at risk and makes you a more attractive target for
cybercriminals.

(Tabasa) Additionally, cyber security's effect continues to expand.

Fundamentally, our society is more reliant on technology than ever before, and
this tendency does not appear to be slowing. Social media accounts are now
publicizing data leaks that may result in identity theft. Social security numbers,
credit card numbers, and bank account data are now saved in cloud storage
services like Dropbox or Google Drive (Tunggal & Sen, 2021).
 5

1.2 Statement of the Problem

This study aims to discover CIT-U students' perspectives on their cyber

security knowledge, especially when using the Microsoft Teams application. This
study's objective is to answer the following questions:

1. What is the comprehensive understanding of CIT-U students regarding

cyber security?

2. What is the CIT-U students’ perception of Microsoft Teams’ cyber

security?

3. What is the CIT-U students' understanding of cyber attacks that can affect
MS Teams, like phishing, malware, and viruses that steal your educational
account information?
 6

1.3 Scope and Limitation

This study focuses on the safety of a student's personal information in

using the MS Teams application. It also focuses on what can happen if MS
Teams can't protect the information. Now that we can't meet in person due to the
pandemic, researchers will switch to online surveys using Google Forms to know
if students already know how safe this said application is in keeping information.
This research aims to determine whether MS Teams is a reliable program,
particularly for students' sensitive data. This research will educate students on
the privacy and security of Microsoft Teams' data.

Due to the nature of the research questions, this study was primarily
quantitative in nature. Respondents will be limited to online students enrolled in
the senior high school department at Cebu Institute of Technology - University
from varying strands and sections. Due to the researchers' inability to deliver
physical copies of the survey questions, a Google Forms questionnaire will be
distributed to exactly 100 respondents.
 7

1.4 Purpose of the Study

The COVID-19 pandemic has impacted multiple systems

throughout the country. This sudden transition has thrown the school system into
disarray. As a result, educational institutions are being driven to embrace new
learning methods through online learning and modules. Platforms such as
Microsoft Teams, Zoom, and Google Meet have a significant impact on the daily
lives of students and teachers. CIT-University is now using an application called
MS Teams to serve as an online classroom. The vital purpose of the
investigation is to determine whether cyber attacks on Microsoft Teams
jeopardize our ability to maintain data security. Moreover, it seeks to increase
awareness of the application's shortcomings and drawbacks.

As such, the findings of this research will produce an output that can serve a
variety of objectives for different types of people. The outcomes of this research
will be immensely beneficial and significant to the following organizations and
groups of people: Cebu Institute of Technology University (CIT-U), CIT-U STEM
SHS students, parents, and future researchers that are aiming to conduct a
research topic identical to this one.

Cebu Institute of Technology – University:

This research will provide the University with broad information on the
application's safety. The University can identify areas for development based on
input from its students obtained through this research.

Students:

CIT University's SHS students are the group from which this research will collect
data. The provided survey questions will serve as an awareness to the students
about the safety of their information.
 8

Parents:

Parents of SHS students can use this research to determine their children's
information security. Given that the majority of the parents are concerned about
their children's safety, the survey results can provide parents with explanations
about the said issue.

The Future Researchers:

Future researchers will benefit from this study since the findings will serve as a
trustworthy reference point for future research, assuming they conduct research
comparable to those presented in the paper.
 9

1.5 Definition of Terms

The definition of terms is intended to further understand words and

unusual terms used in the study. The terms are defined operationally.

ATP (Advanced Threat Protection) - It is a security feature in MS Teams that

defends the user from malware or virus attacks that target the user’s data.

Cyber Criminals – It is a term used in individuals or groups of people in which

they use technology or gadget to commit cybercrime or malicious attacks on
digital users. They are the threat in the study.

Cyber Security - It is an application that controls users, systems, programs, and

networks to protect them from getting hacked against cyber-attacks.

Data Extortion - It is a demandable form of attack in which the attacker holds

data and asks for payment or ransom. It is one of the cybersecurity problems
distinguished in the study.

Dropbox – It is used as a cloud storage for files, images, documents, and others.
It helps the user keep data or put it in one place. It is also one of the useful
applications for online classes.

Google Drive - It is used as a storage for files, images, documents, and others.
It helps the user keep data or store it in one place. It is also one of the useful
applications for online classes.

Google Meet - It is a video-communication service in which the user can call,

share a video, and have a virtual meeting with other users. It is one of the
application features MS Teams provided for communication purposes.
 10

Malware - It is a form of software in which the user clicked an unreliable link or

downloaded an undependable application to harm the user’s device. It is one of
the cybersecurity problems or threats distinguished in the study.

MS Teams - This application is used for business, communication, and

educational purposes. This is the primary application used in online classes for
the CIT-U students, also this application is the subject used in the study.

OneNote - It is one of the application features in MS Teams in which the user

can take note of information, share information, and collaborate ideas or
information with other users.

Phishing - It is a fraudulent form of attack in which the attacker sends

attachments or links that can perform bad action, such as revealing personal
information or password. It is one of the cyber security problems distinguished in
the study.

SharePoint - It is one of the app features in MS Teams in which the user can
organize, share, store, and access their information on any device.

Two-factor authentication - It is a security process in which the user needs to

provide secondary information to verify their access. It is one of the app features
MS Teams have provided for security purposes.

Virus - It is a sent code in which the attacker types the program or code to
change the way the computer operates, and it can harm the used gadget. It is
one of the cybersecurity problems or threats distinguished in the study.

Wiki Tab – It is a smart-text- editor and it is one of the application features in MS

Teams in which the user can edit, draft, and chat with other users.