With so many Australian businesses enabling remote work in the current COVID-19 pandemic, it’s critical that you implement secure video conferencing to protect your business from cyber crime.
The pandemic has, unsurprisingly seen a rapid growth in COVID-19 cyber crime and video conferencing tools may be particularly vulnerable. Here are some tips on how to select and implement a secure video conferencing tool.
Selecting your Video Conferencing Solution
Before choosing a provider, it’s important that organisations ask:
Where is the provider based?
The use of offshore providers creates additional security and business risks. Foreign owned service providers who operate in Australia may be subject to the laws of a foreign country and subject to lawful and covert data requests, and can access a businesses data without their knowledge.
Does the service provider use strong encryption?
Data should be encrypted both while it is at rest and in transit. This is to ensure if can’t be read by others. For video conferencing solutions, determine whether they use strong end-to-end encryption such as Transport Layer Security (TLS) to protect data while it is in transit.
How reliable and scalable is the solution?
Ensure that your solution will both reliable and scalable in times of high demand. Determine the capabilities of your solution, including how many simultaneous connections can be supported
Are security and privacy requirements being met?
Pay specific attention in terms and conditions to claims of ownership of any recorded conversations, content, meta data or files that are created or shared using their conferencing solution. Ensure that the provider’s terms and conditions meet Australian privacy laws and liability rules.
Reviewing a provider’s previous track record is also useful in determining how they deal with privacy and cyber security issues, and if they disclose and take action to remedy vulnerabilities.
Implementing your Video Conferencing Solution
Ensure the web conferencing solution is configured securely as recommended by your provider, and to meet any additional business security needs. You may need to access expert IT support to ensure this is done correctly. Also ensure that staff accessing the tool on personal devices have updated the latest security patches, and that staff devices are as secure as possible (within reason).
Using Your Video Conferencing Solution
To maintain good security practices we recommend you practice the following:
Manage Meetings Securely
Consider how initiations, links and access credentials will be distributed to meeting participants by the meeting host. Send details separately by email if inviting guests and do not share links or credentials on public websites or social media. Regularly update access credentials to reduce the risk of people joining meetings that they aren’t invited to.
Be Wary of Unknown Participants
Consider locking your video conferencing meeting so no one else can join, or if that’s not possible, request that any unknown participants who join a meeting to identify themselves. If they are unable to do so, they should be disconnected by the meeting host.
Be mindful of conversations, especially if they are of a sensitive or confidential matter. Limit discussions of this nature where possible, and ideally set expectations before meetings, especially if the contents will be recorded or made public.
With so many users now working remotely from home, in rooms not purpose designed for conference calls, it’s important that all participants be aware of their surroundings. Ideally, everyone should use headphones if in a shared room or environment, so discussions are not overheard. Muting the microphone when speaking can also eliminate unwanted background noise, and prevents broadcasting private discussions.
Ensure too that your participants are aware of their background so other meeting participants don’t view private, sensitive or embarrassing things in their working space. Many video conferencing tools offer blurring or background screens, but if this is not available, try to position the camera to capture only participants faces.
Be Wary of Sharing
Some video conferencing tools have the capability to record and automatically transcribe call, subtitle videos or share files. This can create a risk of inadvertently sharing more content then intended.
If sharing screen content, it is best practice to share an individual application rather than an entire screen to minimise security risks, and have the host sharing this content, rather than allowing all participants to share it.
With so many Australian employees working remotely and accessing video conferencing tools, it’s more important than ever that Australian businesses implement secure video conferencing tools and practices to protect important data from security breaches.
Contact Surety IT for expert advice on business video conferencing security, cyber security and IT support.
We also recommend reading The Importance of Secure Video Conferencing in your business.