EXAMINE YOUR CURRENT VIDEO CONFERENCING SYSTEM/PC/MAC/TABLET & SMARTPHONE
Lots of things get better as they age; unfortunately, video conferencing systems are not one of them, they age like an open bottle of wine. The positive aspect is that more and more users are going over to lap and tablet based services. However for those that have a current video solution that is more than five years old, you could be dealing with outdated security that’s putting your customers, clients, employees, and the reputation of your company at risk. Updates will not make up for the inherent drawbacks of older technology. A few things that will help you decide if your current system is too big a risk (which we will discuss in more detail below) are: the type of data encryption the system uses; how callers log in; and how the system manages data. That being mentioned check our tablet and most importantly desktop or PC system and make sure there are security features in place. While services like FaceTime are virutally inpenetrable other services that are browser based (WebRTC) can be vulnerable. From hackers identifying your email address in the browser to creating spoofing emails and even update downloads. Check once, check twice to be safe.
BE THE MASTER
Your video conferencing service software and hardware should feature 128-bit Advanced Encryption Standard (AES) protection. Logically unbreakable, 128-bit encryption is a security measure that enables video conferencing systems to use a 128-bit key to encrypt and decrypt all video calls between systems. “The keys are automatically generated at the beginning of each video session, and according to research, are so strong, it would take a supercomputer one “billion billion” years to breach a 128-bit AES key. Nice” according to HighFive. Check your encryption again.
Most security-minded video conferencing systems use SSO for user authentication because it greatly reduces the risk of user credentials being stolen. A convenient win-win for both IT and users, SSO allows users to keep track of one set of credentials, and IT to track and control access to all video conferencing units in the system with ease. SSO credentials are tied to a user’s authorization and entitlements profile, IT can track where, when and how credentials are used. Better still, in the off-chance credentials are compromised, IT can quickly determine which video systems were breached, what occurred during the breach, and lock the system to control damage. Now for your PC, MAC etc… please review your credentials and how they are used. Check to see if the “last use” and make sure this matches your last use. If not… call IT!
LARGER ORGANIZATIONS SHOULD HAVE A VIDEO CONFERENCING POLICY IN PLACE
Like a Bring Your Own Device (BYOD) policy, a video conferencing policy enables you to set clear boundaries and expectations for users. In addition to outlining user permissions for conducting video conferences in-house, rules should take into account those who will be connecting remotely. Companies entrusted with especially sensitive information, such as hospitals and financial institutions will want to be specific about who users can connect with via video conference, such as pre-approved vendors and clients. A few guidelines most video conferencing policies include are:
Users must get permission to record a video conference from everyone on the call.
Personal mobile devices should not be used to record video conferences.
Sensitive information should be discussed in designated video conference rooms and not in public places or open office spaces.
Video conferences conducted at a user’s desk should train the camera to focus on the users face, and any visible confidential data should be removed from camera view.
Cameras and microphones should be turned off when not in use.
Remote control of cameras is for authenticated users only.
Most of this is “going away” as video is becoming more and more common place and secure. Eventually it will take over what our phone does today which is also moving away from a simple audio tool to a mobile personal device.
THE NEW VISIPLE SERVCES
Our services will be GDPR complaint meaning you have control of how your data is being used. The video and audio communication in our virtual meeting rooms is only visible to participants inside the room. It's not possible for another user to listen in on room data unless they are present in the room themselves (which means they would be visible to everyone in the room). Because the room URL is a public URL, it's possible for anyone who can guess a room name to enter an open room. If you want to prevent others from coming into the conversation, we provide a “lock room tool” which we recommend locking the room by clicking the Lock button in the room menu. After doing this no new participants will be able to enter the room without the owner's permission. This is thanks to the Knock feature, where a user can ask to be let in, and the owner can the let them in or stop them from joining. Simple as that!
Check back soon and we will show you our great new services and in the mean time please let us know if you have any questions. Be safe, be secure!