George Waller, EVP, and co-founder of StrikeForce Technologies, shares his top cybersecurity tips for video conferencing this year
As the business world navigates the realities around work, video conferencing has become a core technology component for keeping operations moving forward in today’s environment. However, the growth of virtual collaboration tools has also opened up new privacy and security concerns, raising questions about these platforms and their ability to protect users while keeping sensitive information and data completely secure. Of note, Zoom’s platform usage jumped significantly post-COVID, yet one unfortunate by-product of this increase was the exposure of several security flaws. Other popular platforms like Microsoft Teams and GoToMeeting have also noticed their share of issues with regards to privacy and security.
With a hybrid of in-office and remote working likely here to stay, there is an added emphasis for businesses to ensure their virtual collaboration tools provide adequate privacy and security. If video conferencing vendors don’t seriously address these concerns, they will continue to be easy targets for hackers with nefarious intent looking to compromise sensitive data.
Must-have video conferencing security features
When choosing a video conferencing platform for your organisation, it is imperative that cyber security is prioritised. While almost every platform offers some level of security these days, the key is finding the right mix of features that will ensure the highest levels of protection. Here are some recommendations for “must-have” cyber security features that your organization should be looking for:
Encrypted Audio and Video: This might seem like a no-brainer, but it wasn’t until somewhat recently that Zoom started to do this. Without this key feature, anyone can eavesdrop on your conversation and see what’s on your camera without you even knowing it. With fully encrypted audio and video, on the off chance a cyber attacker can break through this line of defense, there is not much they can hijack that is worth any value because what is being spoken and seen is entirely encrypted.
Meeting Authentication: Aside from having the option to require a password, most video conferencing platforms fall very short in regards to authentication. Proper authentication is quite literally the first line of defense and should be taken the most seriously. WIthout it, it is near impossible to identify meeting attendees as who they claim to be. Key authentication features include:
One-Time Passcodes (OTP): Users are sent a unique code to gain access to the meeting that can only be used once.
Two-Factor (2FA) and Multi-Factor Authentication (MFA): Requires the user to provide two or more verification factors to gain access to a meeting. 2FA and MFA are commonly used in conjunction with an OTP as an additional verification factor.
Out-of-Band Authentication (OOB): This is a type of 2FA that requires a secondary verification method through a separate communication channel. For example, one channel could be the user’s internet connection on their computer while the other could be their wireless network connection on their mobile device.
Biometrics: This is where a unique physiological or behavioural trait is captured to confirm the individual’s identity such as their finger print, facial recognition, or a retina scan.
Endpoint Protection: This feature encompasses the endpoints of the devices from which the meeting participants are using to connect to the platform which can be susceptible to malware spying. Audio and video encryption only works for data in motion as it’s traveling over the internet, not if malware is on your local computer, therefore, endpoint protection should include the following:
Camera Protection: Prevents malware from stealing camera stream
Microphone Protection: Prevents malware from stealing microphone stream
Audio-Out Speakers: Prevents camera from stealing audio stream (what others are saying)
Keystroke logging: Prevents undetected keyloggers from capturing keystrokes i.e. credentials, corporate & customer data, meets or exceeds compliance requirements for 2FA
Screen Capture: This eliminates the risk of unauthorized screenshots from taking place
Clipboard Protection: Prevents copied clipboard data from being stolen by malware
Security should be your number 1 priority
The video conferencing market is seeing stellar growth heading into 2022 as the business world continues to face uncertainty around the future of in-office work. Many in the industry are starting to think differently about how to appropriately classify video conference meeting security. As cyber-attacks and disruptive virtual meeting incidents become more common, it is imperative for organizations to take a closer look at their communications tools to ensure total organizational safety and security. This entails going beyond just training and vigilance, so companies can feel confident that they can meet the numerous cyber-related threats and challenges that lie ahead.
When choosing a video conference platform its important to consider your organisation’s needs, but the bottom line is security should be the number priority.
About the author
George Waller, CEO of StrikeForce Technologies, is an entrepreneur and technologist with over two decades in the cybersecurity and computer industries. He played a pivotal role in introducing two leading cybersecurity technologies: out-of-band authentication and keystroke encryption to the marketplace. Today, these technologies are used in banking, health care, education, manufacturing and government sectors.