Woman video chats at desk.
Typical video conference security risks include meeting bombing, stolen meeting links and data breaches. — Getty Images / ake1150sb

In today’s COVID era, most businesses are operating remotely and relying on video conferencing for communication. And as we all know, anything done online has its security risks. Here are some tips for improving your video conference security.

[Read: Coronavirus Small Business Guide]

Possible video conference risks

Video conferencing has quickly become a vital tool for businesses to continue daily operations. Hackers have used this newfound necessity for video conferencing as an opportunity to attack vulnerable meeting rooms. Here are some meeting room risks to be aware of:

  • Meeting bombing: This is when an uninvited guest joins a video conference call to either disrupt the meeting by sharing inappropriate media or to eavesdrop. Meeting bombing happens more frequently when the host doesn’t require a password for the meeting or when you reuse the same meeting ID.
  • Malicious links in chats: Once an attacker has gained access to your meeting room, they can share malicious links in the chat that once clicked will allow them to steal participants’ credentials and other proprietary information.
  • Stolen meeting links: While reusing meeting links may be more convenient for the organizer, it also makes it easier for attackers to gain access to them as well. To prevent your meeting link from being stolen, turn on notifications that will notify you when someone has joined the meeting without you and disable the “Join Before Host” option.
  • Data breach: Hackers are usually interested in attacking meeting rooms to steal participants’ data. It’s important to have data protection agreements in place with third parties to outline the proper security controls, such as data encryption and role-based controls for authorized users to access.

[Read: 5 Expert Tips for Improving Video Streaming Quality]

Keeping your video conferencing software up to date is important to minimize security risks.

Video conference security best practices

In light of the possible risks when using video conferencing software, here are some tips and best practices to help ensure video isn’t a source of vulnerability for your business:

  • Make sure your current video conferencing system is up to date. Keeping your video conferencing software up to date is important to minimize security risks, especially if the software you’re using is more than five years old. At which point, it may be more prudent to upgrade your video conferencing software altogether. Considering the following points to solidify your decision to upgrade: the type of data encryption your video conferencing software uses, how the system manages data and how callers log into the system.
  • Use single sign-on (SSO) for user authentication. Using single sign-on (SSO) authentication reduces the likelihood of user credentials being lost, stolen or compromised. And because SSO credentials are tied to a user’s profile, your IT department can track when, where and how credentials are being used. In the event of a data breach, your IT department can quickly identify which set of credentials was used to initiate the breach and lock down the compromised system to minimize the damage.
  • Require passwords for all meetings. One of the easiest video conferencing security measures you can enforce is to require new passwords for each meeting. Think of this as the virtual equivalent of recognizing the participants’ faces during face-to-face meetings in physical conference rooms.
  • Don’t reuse the same meeting IDs. Just as you shouldn’t reuse the same password for every meeting, use a unique meeting ID whenever possible. While reusing the same meeting ID is more convenient for the organizer, it makes it easier for meeting bombers to attend and possibly hijack your meetings.
  • Disable “Join Before Host.” To minimize the chance of unknown participants joining your video conference, be sure to disable the “Join Before Host” option and use the waiting room function instead.
  • Verify attendees and lock meetings. By utilizing the waiting room function, the host can review and admit the verified attendees. Once all of the attendees have been admitted to the meeting, the host can “lock” the meeting room to prevent anyone else from joining.
  • Report suspicious activity to IT. Don’t hesitate to report any suspicious activity to your Information Security and IT departments immediately.

[Read: 5 Zoom Alternatives for Businesses]

CO— aims to bring you inspiration from leading respected experts. However, before making any business decision, you should consult a professional who can advise you based on your individual situation.

Want to read more? Be sure to follow us on LinkedIn!

Published May 19, 2020