No Jitter is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Avoid Video Conferencing Security Mistakes

Nuanpan_AdobeStock_335210462.jpg

Image: Nuanpan - stock.adobe.com
A surge in remote working practices driven by stay-at-home measures to inhibit the spread of coronavirus (COVID-19) is making collaboration technology a crucial part of business continuity. As employees continue to adapt and transition to telecommuting, organizations are scrambling to provide them with tools and technology to do their jobs from anywhere. The rapid way this crisis unfolded has left some enterprises unprepared to lock down employee communication and collaboration and securely evolve with new norms in how and where work gets done.
 
Many enterprises struggled to scale security in response to the rapid COVID-19 changeover to working remotely. A respondent to an (ISC)2 survey captured the implications of this noting that COVID-19 hit organizations “with all the necessary ingredients to fuel cybercrime: 100% work from home before most organizations were ready…[and] remote workforce technology supported by vendors driven by ‘new feature time to market’ and NOT security…”
 
Rapidly scaling solutions to support a remote workforce have placed a spotlight on security shortcomings of video conferencing platforms that many companies use for communication. These tools, while easy to use, were found lacking in enterprise-grade security protocols, exposing organizations to major protection and privacy risks. With remote working practices rising in popularity, video conferencing capabilities will be even more of an essential component of a secure business communication platform, along with messaging and voice capabilities.
 
Many businesses predict that remote working will become the ongoing normal post-pandemic. For example, a Gartner survey of CFOs found that 74% of respondents intend to shift some employees to remote work permanently post-COVID-19. This transfer will make it critical for enterprises to reexamine the collaboration tools being utilized and take steps to mitigate risk by ensuring their video conferencing solutions contain the end-to-end encryption needed to secure business communication.
 
What’s new about video conferencing is the increasing sophistication of cybercriminals in targeting and exploiting vulnerabilities in video conferencing technologies that lack end-to-end encryption. To correct the issue, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued guidance tips for securing video conferencing, which advised only using company-approved video conferencing tools. The employee use of nonregulated apps for business communication increases the cyberattack surface for enterprises. A 451 research report noted that “organizations are unaware of how extensively employees are using non-sanctioned apps in the workplace, opening the door to privacy, compliance and security risks.”
 
The security risks and vulnerabilities associated with popular video conferencing solutions generally include:
  • Unauthorized access to private meetings made easy because authentication isn’t required.
  • Data transmission that isn’t secure.
  • Threat actors using the chat feature of these tools to spread malicious links or upload files.
  • Hackers potentially uploading video conferencing credentials on the dark web, putting a company’s sensitive and business critical information at risk of exposure.
  • Noncompliance with government regulations like the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act of 2002 that require medical providers, financial institutions and other companies to secure all electronic customer and patient data including data transmitted in video conferences.
  • Broader privacy policies that allow video conferencing solution providers to collect and store a wide range of data such as video, cloud recordings, files, messages, and documents shared on-screen during a meeting.
In its campaign to securely support a productive, collaborative remote workforce, video conferencing technology has become mission-critical for companies. Messaging platforms used by enterprises must offer robust capabilities that include secure video messaging along with voice and text for a versatile communication tool. The safest option for digital communications is a collaboration platform that features authentic end-to-end encryption. Such platforms contain the security and compliance protocols that most effectively lock down digital communications.
 
With the growing remote workforce and widespread adoption of video conferencing technologies, a top priority for enterprises has become tackling the security challenges that enable an agile working environment. To help them address these challenges, solution providers should prioritize providing enterprise-grade collaboration tools that bring together seamless, secure collaboration delivered on a platform that encrypts conversations end-to-end.


For more insight into the changing role of meeting room video conferencing in the COVID-impacted business world, attend the Enterprise Connect Digital Conference & Expo 2020 taking place online Aug. 3 to 6. On Thursday, Aug. 6, industry analyst Ira Weinstein will be presenting the session, “Meeting Rooms & the New Normal,” from 3:30 p.m. to 4:15 p.m. The session will conclude with a live chat Q&A; to participate, register now!

Recommended Reading: