Contents:
If a company aims to be modern, innovative and, ultimately, effective, if some of its goals are growth and even globalization, using the progress of technology to its advantage is a must. You need to build and maintain quality relationships with partners, investors, suppliers, customers, and, last but not least, with your internal teams. Although it has been used before and will continue to be used long after 2022, secure video conferencing is especially helpful now that many companies adopted the work from home policy.
Video conferencing is a type of online or distance meeting where two or more people can connect and interact with each other using endpoints or mobile devices with embedded or attached webcams.
Video Conferencing Threats
Security settings
Security settings might never be entirely safe, according to UnifySquare, because conference platforms are so complex and there are so many aspects to take into consideration. They are crucial, though, to secure video conferencing.
Phishing
Tools like Slack, Zoom or Microsoft Teams include chats that can be used for phishing attacks. Hackers might steal credentials and deliver malware payloads through links and attachments, just like they would do by e-mail. (If you need more information on this, you can always consult our Cyber Security Glossary.)
Recordings exposure
Another issue regarding video conferencing tools is that data leakage might occur due to non-existing recording policy, lack of complex passwords, or default password requirements.
Potentially representative text chats
Any private chats between the host and a meeting’s participants will be included in the meeting’s video recording. If the host shares the meeting folder with members of the company, the content of the private chats will also be shared.
Privacy risks
The webcam of your device represents a window into your world. There is a possibility that you may mistakenly leave it open or connect remotely to a conference call in a public place, with unsecure Wi-Fi, which might grant hackers access even to that particular call. As you can see, there are multiple risks related to business video conferencing. Trust our word, though, that there are also multiple precautions you can take in order to protect your company’s cybersecurity.
Best Practices on Video Conferencing
1. Always password protect the meetings
Lack of passwords may lead to an external user managing to obtain the meeting ID and crashing the meeting. While you can’t really control the part where an outsider gets a meeting ID, you can, however, make sure that you set passwords for all your video conference meetings.
2. Use two-factor or multi-factor authentication
It is recommended to add an extra layer of protection by setting up two-factor or multi-factor authentication. These require an additional code when someone signs in to an account, which is usually received as a text message on his phone.
3. Use waiting rooms or lobbies
Many secure video conferencing tools include the waiting room or lobby feature, where participants must wait before the host allows them to join the meeting. This feature is particularly useful because the ability to check when, how many people and who is trying to join the meeting eliminates the risk of the wrong people having access to the conference.
4. Make use of host control
Host control offers the possibility to mute or remove participants or to lock the meeting room altogether, in order to prevent interruptions once the meeting has started.
5. Announce participants if the meeting will be recorded
If there is a chance for sensitive data or information to be on the table at a particular meeting, attendees should be notified if that meeting will be recorded. Everyone needs to be on the same page when it comes to privacy issues.
6. Deactivate file transfer features
Hackers who want to take advantage of the rising popularity (and need) of video conference tools won’t hesitate to use meetings or chat rooms to upload compromised files. In order to avoid this, consider disabling the file transfer feature and use e-mail, for instance, instead.
7. Pay attention to phishing and other online scams
Never access unknown links and never click on unknown attachments in unsolicited e-mails and be careful even if they seem legitimate. Phishing e-mails usually contain links or attachments designed to access sensitive personal information or install malware on your device. Joining an online meeting from an infected device may make you and other attendees vulnerable to security and privacy threats. You can make sure that your e-mail communication is secure by trying our Heimdal Email Fraud Prevention. This solution alerts you regarding fraud attempts, business e-mail compromise (BEC), and impersonation, having over 125 analysis vectors continuously monitoring your email communication.
8. Ensure your home network security
Although it’s essential for your company to have a strong security system, you and your colleagues must also make sure that you have a secure home network in order to enjoy the benefits of secure video conferencing. How can you do that?
- set up firewalls to keep out unwanted guests.
- reset your router’s default login username and password and make sure that your router has up-to-date, secure encryption like WPA2 or WPA3.
- make sure your network settings are up to date with the latest security patches.
9. Don’t forget to update your video conferencing tool
Malicious elements looking for software flaws to exploit can always make use of patches when adding a new feature or fixing bugs and vulnerabilities. Read more about patch management here and don’t forget to always update your apps . If you want to speed up and automate the patching process, check our patching solution.
10. Install security software
All of your devices should benefit from strong security software if you want to focus on your tasks and your company’s evolution, and not on fixing cybersecurity problems. For that matter, we recommend Heimdal EDR. This product has a modular nature, which allows you to build your cybersecurity in layers, prevent data breaches and obtain actionable insights. DNS filtering, traffic-based malware blocking, attack forensics & source identifier, antivirus, privileged access management and software patching are just some of the features that will transform your company’s security system into a real fortress.
- Next-gen Antivirus & Firewall which stops known threats;
- DNS traffic filter which stops unknown threats;
- Automatic patches for your software and apps with no interruptions;
- Privileged Access Management and Application Control, all in one unified dashboard
5 tools to consider for secure video conferencing
1. Microsoft Teams
Up to 10,000 participants, full Microsoft 365 integration, schedule invites, captioning and background blur are the main features of Microsoft Teams. The advantage of the full Microsoft 365 integration is that, while calls can be easily scheduled among your company’s members, external guests can join directly from their browser, without downloading the application. Microsoft Teams provides screen sharing, call recording, live captions, chat functionalities plus some hardware options very useful to the users, like Bluetooth conferencing headsets that can power communication.
2. Google Meet
Google Meet, formerly Google Hangouts Meet, is a secure video conferencing tool that offers G suite integration, accessibility and competitive pricing. Recently rebranded, Google Meet has been developed specifically for business needs and aims to simplify the collaboration with external clients. To that effect, it provides a web app experience (so no software to download) and a dedicated dial-in number, which helps to maintain the line quality and rules out drop-outs. Google Meet functions perfectly on Google Chrome, Mozilla Firefox and Microsoft Edge browsers.
3. Zoom Meetings
This video conference tool offers a free tier and is very simple to use. It works both on desktop and mobile devices, it provides HD video and audio, it can support up to 1,000 participants at the same time and up to 49 videos on a single screen. Additionally, meetings can be saved locally or to the cloud and you can also save transcripts that have searchable text. Zoom Meetings also includes a team chat feature which allows files sharing, searchable history, and a ten-year archive. Moreover, this tool allows you to escalate meetings into one-on-one calls.
4. GoToMeeting
GoToMeeting is a web conferencing service offered by LogMeIn. Its main asset is that this tool is very mobile-friendly – you can set up and start a conference directly from your smartphone. A Business plan tier starts from 19$ per month (or 16$ if paid annually) – if you choose this option, up to 250 people can participate. Their Enterprise plan can include up to 3,000.
5. Lifesize
The Lifesize offer includes high-definition video conferencing endpoints, touchscreen conference room phones and a cloud-based video collaboration platform. At Lifesize there are 3 pricing levels:
- Lifesize Standard, 16.95$ per host per year – unlimited meetings for up to 100 participants.
- Lifesize Plus, requires a minimum of 15 hosts, 14.95$ per host per month – up to 300 participants.
- Lifesize Enterprise, 12.95$ per month, with a minimum of 50 hosts – up to 1,000 viewers.
As you probably know or imagine, video conferencing offers a large variety of benefits to businesses: it saves time, reduces travel expenses, boosts productivity, especially in the work-from-home context, and promotes collaboration. As any online interaction, though, it can also leave you vulnerable to security and privacy breaches.
Wrapping Up
It is clear that nowadays secure video conferencing plays a major role in any business and will continue to gain relevance. It is also important for it to be maintained like this, so as not to become a means to expose sensitive data and information to anyone who lurks in the shadows of the Web, waiting for the perfect occasion to attack.
Please remember that Heimdal™ Security always has your back and that our team is here to help you protect your home and your company against cyber threats and to create a cybersecurity culture to the benefit of anyone who wants to learn more about it.
Drop a line below if you have any comments, questions or suggestions – we are all ears and can’t wait to hear your thoughts!