Los Alamitos, CA (May 29, 2020) –
Advanced technology and the availability of online and teleconferencing software has certainly helped ease the transition to working remotely for many businesses. However, these virtual meeting platforms, while increasingly popular and essential during the Covid-19 pandemic, are not always completely secure. A crucial lifeline for many remote employees is the ever-faithful video conferencing tool. It plays a vital role in keeping employees connected . However, as can be expected, anything being used consistently by many workers will also become an attack target of cyber miscreants.
Here are some tips to help businesses host remote meetings in a secure and private manner. Note, these are general recommendations, not vendor-specific ones. Not every product will support these features, but if available, they should be implemented.
Enforce meeting starting rights. Some tools have the option to start a meeting as soon as the first guest arrives — much like a physical meeting, where attendees stream into a conference room before the host and start chatting. Organizations should disable this option if the meeting requires the host to control the official start of the meeting. This is also critical with meetings getting forwarded and unapproved individuals attending.
Don’t reuse the same meeting ID. While having the same meeting ID session after session makes it convenient for the host to share, this is equally convenient for meeting bombers – aka squatters – who, once they get ahold of an ID, arrive uninvited and spew nonsense. Never reuse the same meeting ID, especially for important business meetings.
Add a meeting password. Beyond creating a unique meeting ID for each meeting, be sure to add a meeting password. While this adds some user friction, it also adds a layer of needed protection, particularly for critical meetings. In the face-to-face world, password authentication would be the equivalent of recognizing each other’s faces in a physical conference room.
Lock the meeting once quorum is reached. Similar to physically locking a room after all the attendees have arrived, many tools can virtually lock the room after all virtual attendees have checked in. This prevents any unauthorized entrants.
Remind attendees if a meeting is being recorded. Most tools have a recording option. If a meeting is going to be recorded, for privacy reasons, make it a point to announce this at the beginning, halfway through – for employees who may have joined late – and at the end of the meeting.
Use a virtual background. With more than one remote employee sharing a house or workspace, having the ability to blur or replace the screen’s background is a critical privacy feature. For example, Zoom has virtual backgrounds, and Microsoft Teams offers background blurring. These features prevent any accidental snafus and enable team members to stay focused even in the presence of distracting background activities.
Treat the chat room with caution. As users get more comfortable with video conferencing tools, additional communication capabilities the programs offer, such as chat rooms, will gain traction. Caution employees to never share confidential information or files in chat rooms. Also, be careful when clicking links in chat rooms. Video conferencing tools may not offer the same antimalware protection as an email client, for example.
Update, update everywhere. With many user devices – laptops, phones and tablets – at home, the conferencing tool is likely installed on more than one device. And, with these tools in the crosshairs of attackers and white hat testers alike, the frequency of software updates for critical flaws is likely going to increase as well. Be diligent in updating these video conferencing apps more frequently on all devices.
Adapted from an article on www.searchsecurity.techtarget.com by, Ashwin Krishmen