Secure Remote Meetings
Employees have finally adapted to working remotely and settled into new processes, but businesses that have enabled remote working capability shouldn’t breathe easy just yet. For many companies, the shift to working remotely came suddenly as lockdowns and closures of nonessential businesses were implemented. As a result, security features and policies were rushed or overlooked. Now that the dust has settled, it’s time to focus on security – starting with online meeting and conferencing.
Virtual Conference Solutions
There is a plethora of solutions to meet your virtual meeting needs, with various features and price points. Due to this, we won’t dive into specifics of each platform, but instead, highlight general security recommendations that apply to most options. These options your organization may have opted for included Zoom, Skype, Google Hangouts, Microsoft Teams, WebEx, BlueJeans, and more. We have linked each of these to their respective security pages so that you can begin your selection process.
Video Conferencing Policy
A video conferencing policy will outline your organization’s practices and procedures concerning any use of your selected platform, which can cover everything from day-to-day use to general security. This ensures employees have clear boundaries and expectations when using the designated platform.
Specific rules and requirements will vary by company and industry, such as if you’re dealing with sensitive information regarding customer health or financials. This policy will work to keep remote meetings safe and secure, and will include mandates such as preventing unauthorized recording of meetings or not allowing non-employees in the vicinity. The following 5 steps are great focal points for starting or updating your current policy:
1. Keep Applications Updated
If your IT team hasn’t cemented this into your head yet, it’s very important to keep all of your applications updated. Providers regularly push out updates not only to improve performance, but to improve security and mitigate weaknesses or vulnerabilities. Updating your application ensures no one can take advantage of known weaknesses to harm your organization.
2. Password Protect Meetings
Most platforms allow the functionality to set a password for meetings, ensuring the discussed content stays confidential. This is the easiest step towards keeping your meeting secure and preventing unwanted guests. Creating a unique password for each meeting is preferred, but setting unique passwords for each participant is ideal.
3. Use Secure Internet Connections
Public Wi-Fi is a gamble and should definitely be avoided (not that anyone is hanging out at coffee shops right now). Even your private home connection can be compromised. The safest bet is to utilize a virtual private network (VPN) for employee connectivity. Through a VPN, data that travels between devices is securely encrypted, providing much-desired privacy and security.
4. Prevent File Sharing
Forgo convenience for security and make it policy to not share files via meetings. In the event an outside party is able to join your meeting, they could be sending malicious content to compromise your computer or network. Instead, utilize a dedicated and secure file hosting site such as DropBox, Google Drive, or OneDrive.
5. Only Use What’s Necessary
As a general rule, disable things that aren’t necessary. If only the presenter or meeting organizer needs to share, disable this functionality for other attendees. If no one else needs to be on video or speaking, disable webcams and mics. This helps prevent unwanted disruptions and also improves meeting quality as eliminating video can save bandwidth.
Have you fully evaluated your chosen meeting service and drafted a policy around safe and expected use? Security can never be left entirely to a third party and you must ensure you’re protected. Utilize VendorWatch to assess a company and its application, ensuring it meets all of your security requirements such as SSO or 128-bit advanced encryption standard (AES) protection.