How can you guarantee your video conferencing solution is as secure as possible?
With more than three quarters of businesses using video conferencing for collaboration, and 56% of business executives participating in at least one video call per week, it is more important than ever for businesses to ensure that their conferencing solution is secure, particularly for companies who regularly transmit sensitive data and personal information e.g. financial, legal and medical firms. (Polycom and Redshift Survey)
The need for optimising video security is growing as companies look for new and innovative ways to make employees more productive, and video collaboration and unified communications rapidly overtake the traditional face to face meeting.
An increasing number of employees are working from home or on the go, collaborating with internal teams or customers via video conference on mobile devices. To meet the technology needs raised by this trend, a lot of organisations are implementing Bring-Your-Own-Device policies, allowing workers to work and communicate from their own personal devices, improving their flexibility and work-life balance as a result.
The changes in the way we work and communicate clearly promote a wealth of benefits for both businesses and the individual, but despite all the advantages of video collaboration and BYOD policies, deployment of these practices across your organisation require policies and security practices to be put in place in order to guarantee maximum data security.
We’ve compiled a list of the top 5 best security practices businesses should follow when implementing video conferencing solutions.
1. Create a BYOD Policy
Allowing employees to use their own devices for work can have a significant improvement on employee productivity and happiness as well as posing a significant competitive advantage, but there are security considerations that organisations must take into account. If there is no strict policy in place with regards to employees using their own personal devices then your company’s security could be at risk from unsecure networks, lost devices, forgotten or even complete lack of secure passwords.
While companies can't always guarantee full compliance with their rules, having a formal BYOD policy in place will go a long way towards protecting them. An effective BYOD policy should include the following:
- Heightened security measures
- Training programs to address employee compliance with BYOD policy and consequences of improper use
- Measures to ensure that IT are equipped to handle the influx of different devices
2. Implement Staff Training
Many companies do not give adequate training when it comes to video collaboration, simply expecting their employees to pick it up through first-hand experience, which may result in a lack of awareness of necessary security measures, particularly when sensitive data and private information is being shared.
In order to counter this, organisations should create and enforce an appropriate education process along with device support and usage policy, encouraging users to follow security protocols and update their devices when necessary.
Procedures should include things to be aware of in a video conference – simple things like what settings to use in order to prevent unwanted guests joining the call, and what equipment to switch off at the end of a call.
3. Update Video Systems
Many outdated conferencing systems do not support encryption, and so there is a greater risk of sensitive data falling into the wrong hands. Other, more modern systems, like WebEx and Google Hangouts, transmit data through a router or other server where it is decrypted and stored before being delivered. Encryption capabilities have advanced greatly, meaning there is no reason for security conscious companies to use unencrypted or outdated systems. Encrypting video streams solves the problem of unauthorised persons getting access to the data network and capturing private video streams. Encryption of stored video means that in the event of unauthorised access to video files, this won’t result in exposure of sensitive data.
4. Secure Networks or Devices
Transmitting sensitive information and data across internal and external networks, businesses need to be assured that their conferencing solution is safe and not susceptible to security breaches.
52% of smartphone users reported accessing unsecured Wi-Fi networks with their devices – a well-known vulnerability in the cybersecurity industry. (Cisco)
It is important that you have a process in place to ensure that the devices used to access the corporate network are safe and have not been subjected to modifications such as jailbreaking or rooting. Nor should they have threatening malware, spam, or applications that can compromise the corporate network or data.
Make sure users and devices that are accessing the corporate network on-premise or off-premise can be identified and allowed connectivity only if they are authorised and meet company policy.
5. Password Management
A recent Cisco study found some troubling insights into the inconsistent security habits of workers who use their smartphones for work: Nearly 40% don’t protect their phones with a password. So many smartphone owners are using their devices for work, yet 2 out 5 haven’t applied the most basic security protocols.
It is important that users of your video collaboration solution, particularly those that are connecting their own devices to the system, clearly understand their responsibilities when it comes to security. Your security policy should provide a set of guidelines for employees working from their personal devices and clear consequences for improper use.
For more detail about each of the above best practices and more, download our eBook “What is Compromising Your Video Conferencing Security?”
Or, for a comprehensive review of your video conferencing security and advice on mitigating potential risks call us on 01276 706706.
Image courtesy of Polycom