As meetings and events move online, BlueJeans suggests eight steps businesses should take to avoid the most common videoconferencing security and privacy breaches
1 Be careful about sharing your Meeting ID. You may want to recruit as many people as possible to your meeting or live event, but exposing your Personal Meeting ID on social media, websites and other public forums can attract the wrong kind of attendees. There are too many examples of attendees sharing unsavoury content in ‘all-welcome’ events. As a minimum precaution we recommend using a OneTime Meeting ID.
2 Always use passcodes. Meeting hosts should apply both moderator and participant passcodes (if available) to heighten meeting security. Moderator Passcodes require the meeting host (or a designated delegate) to enter a unique code to start the meeting. This prevents risky behaviour occurring before the host arrives. Participant Passcodes add an additional layer of security, allowing only those with the correct code to join the meeting. Some videoconferencing services offer advanced fraud detection to detect and report repeated login failures and meeting join failures. This helps block the type of malicious intruders who scan for meeting IDs over a set period of time.
4 Keep watch on meeting joiners. Meeting hosts can track who joins meetings in a variety of ways, depending on the system they’re using. Most allow the host to set an audible alert to announce when new attendees join. Some also display entry and exit banners with the names of joining attendees on-screen. The host should also view the meeting roster to verify who is on the video conference. If unrecognised or anonymous names are on the list, the host should ask them to confirm their identity by voice or chat.
5 Master the controls. To prevent unwanted participants joining your meeting or event, make sure the system you’re using allows the host to eject or drop a participant and prevent them from re-joining. Some systems also let you lock a meeting once all the required individuals are present. This is critical when participants plan to cover sensitive and confidential information.
A common problem occurs when a meeting host with back-to-back meetings uses their Personal Meeting ID for both. If the first meeting overruns and participants for the next call join they can listen in to the previous meeting. To avoid this, plan in advance and use a One-Time Meeting ID.
Most systems allow hosts to mute the audio and video of some or all participants and put the meeting in ‘host-only’ mode. This helps keep the group focused and prevents disruptions, including from unwanted guests. Participants that want to ask questions have other options. Depending on the system, they can virtually ‘raise their hands’ and then ask questions by voice or chat.
Be aware that some platforms enable file transfers that can be conduits for malware-sharing. At the very least, ensure that meeting hosts can disable ‘file transfer’ to prevent malware being shared.
6 Use live meeting controls for large meetings and events. When companies need to run large meetings or events with more than 25 people, they should invest in systems with appropriate capabilities and security features. Systems designed for larger groups allow hosts to delegate the job of monitoring and controlling meeting participants and moderating question and answer sessions.
7 Use browser-based meetings to avoid download delays. Some platforms require people to install software, delaying meeting start times. If you want to free participants from having to download software before joining, look for videoconferencing providers that support browser-based options that use the WebRTC real-time communications standard. This allows users simply to click on a link to join a meeting in a web browser.
8 Practice basic security hygiene. According to online security experts Check Point, 90% of cyber attacks start with a phishing campaign. If you receive a link by email or social channels to join a video conference, contact the sender to confirm its legitimacy. Never open links and attachments in emails from unknown senders. Look for the classic clues of cybercrime like spelling errors in URLs and emails.
BlueJeans Network provides videoconferencing services in more than 180 countries.