Now that many of us are staying home to curb the spread of COVID-19, we are spending much more of our lives online. Utilizing conferencing software like Zoom, Google Meet or Cisco Webex is now part of our daily routines as we work, socialize, and learn from the safety of our homes.
While online meetings limit the risk of spreading COVID-19, they can expose you to cyber threats. What types of threats should you be concerned about? Malicious hackers look to exploit vulnerabilities in video conferencing in hopes that they can spread malware and gain access to private meetings. Recently, the FBI has noticed and warned the public about a threat called “Zoom bombing”, where hackers gain access to meetings and disrupt them with inappropriate imagery and language.
Here are seven security best practices you should be following in order to ensure that you have video conferencing security to protect your online meetings and classes:
1. Create a meeting ID and meeting password
Video conferencing security should be a big priority – it keeps your employees and your company safe (especially important if you’re a law firm). There are a few things to think about when it comes to minimizing your security risks with video conferences. First, you need to be aware of your security settings and what protocols you use now (if any). You must also commit to following security best practices and stay vigilant in finding and fixing vulnerabilities in your system.
Passwords will help you block any intruder or malicious actor who tries to gain access to your meetings. In order to restrict access to your meetings, you should create a unique meeting ID and password for each one. When it comes to password protection, you should always create complex passwords with a combination of letters, numbers, and special characters. (Don’t use weak passwords like “12345”.)
2. Lock the meeting
Once everyone has joined the video conference meeting, you should lock the virtual meeting room. This will make it more difficult for any intruder or threat actor to join and gain access to sensitive information shared during the meeting.
3. Don’t share video conference links widely
Think about what’s appropriate as you send invitations and share links to invite people to your online meeting. You should only send invitations to meetings through secure channels and to known participants. Avoid sharing anything through social media or a public sphere where it would be easy for an outsider to find.
4. Set up a waiting room
If you set up a virtual waiting room through your video conferencing software, you can place participants in a separate “room” before they join the meeting. As a host, you are the gatekeeper. You can admit everyone who is supposed to be in the meeting, and keep out anyone who shouldn’t be there.
5. Limit screen sharing
To prevent security risks like “Zoom bombing” from happening to your meeting, turn off screen sharing for participants in your security settings. As a default, you should only allow the host to screen share. Then once a meeting has started, the host can allow certain participants to share when needed.
6. Try audio without video
If you don’t need video for a meeting, consider going without it. If participants turn off their webcams and participate via audio, you can minimize the risk of a malicious actor using social engineering attempts to gather information about your team and/or the content of the meeting.
Not only can audio-only meetings be more secure, but they also take less bandwidth on an internet connection. This can sometimes improve the overall quality and experience of the meeting for everyone involved.
7. Secure any live captioning
You might need to provide live captioning in your video conferences for accessibility reasons. This process needs to be safe and secure as well. A service like Rev Live Captions for Zoom takes everything that’s said on a Zoom video call and securely converts it into closed captions in real-time. No matter your captioning provider, make sure you know where your speech data is going. (Once speech data is sent through Rev’s system and processed as captions, it is deleted instantly. We are committed to maintaining your privacy, security, and peace of mind, so you can rest assured that we store absolutely none of your speech data.)
It’s important to be aware of the vulnerabilities that might be present in video conferencing and how to host your online meetings most securely. To get started, we recommend conducting a security audit to find your weaknesses, then create a plan to start implementing best practices for secure video conferencing.