Video conferencing security best practices

ramsac teams online chat call

With the shift toward remote working from home office environments, the global workforce has been relying more than ever on technology to remain connected. Increasingly professionals depend on the reliability of video-conferencing apps like Microsoft Teams or Zoom, which have been critical in closing the gaps between team members. As professionals turn to personal devices and stream from their home internet, there is an even greater risk and threat of cybercrime than ever before.

Video conferencing security best practices should be a high priority because risks can affect not only your employees, but your business too. In late 2020, just as many employers began digitising the ways their teams work and communicate, a trend emerged in America and was criticised by the FBI (Federal Bureau of Investigation). VTC hijacking (known as ‘Zoom bombing’) became alarmingly common as hackers breached teleconferencing and other applications. This event highlighted the severity of cyber threats and how they can intrude video meetings.

There are several ways you can reduce risks associated with videoconferencing. Awareness about security controls and settings is a starting point. Upholding best practice means being vigilant and proactive with your technology.

Security best practices

Security best practice is all about protecting your business and its employees. Security is a growing topic of concern for many businesses because technology has become so inseparable from the way many of us work. Video conferencing is an example of how easily security best practice can be overlooked, and when it does the risk of a breach increases.

Top Security Recommendations

Here are top security recommendations for those using video conferencing to work, collaborate, and remain connected.

1) Partnerships start with trust

Before committing to a platform for video conferencing, start with research and work from an application that supports your business and its goals. Choosing a reliable and secure provider can give your workforce and customers the confidence that you’re practising good cyber hygiene.

Research and investigate the best platforms for video conferencing. The best platform will depend on the needs and preferences of your workforce, along with your business goals. If you have an existing account with Microsoft, for example, you can simply integrate Teams into other Office 365 products.

ramsac says: Cheap doesn’t mean reliable. When choosing a platform, the temptation for a free subscription shouldn’t overrule the security needs of your business. A good video conferencing app should feel like an investment, especially if you work with sensitive data.

2) Become familiar with the security settings

Most reputable applications will offer the admin, or those setting up a meeting, security options. Rely on using these security controls often to ensure that your meetings remain private and locked, and this will help limit unwanted access.

These controls often range from ‘locking’ features, which secure meeting rooms, down to authentication of users, limiting those who can join meetings. If you want to keep your meeting rooms private, you can configure settings so that only certain members can enter your call.

3) Generate Meeting IDs

To secure your virtual meeting room, setup a new and unique meeting ID and password. If you don’t have this, you can simply share the meeting link or invite participants through the Teams application. This information should, however, be shared with only the necessary users. This simple step will limit who can access your meetings and the password setup will offer an extra layer of protection.

ramsac says: Treat your password strength the same as you would for any other device. Weak passwords are easy work for attackers, who can take advantage of your devices’ vulnerabilities.

video conferencing security

4) Use ‘Waiting Rooms’

Hosts can secure their meeting rooms by setting up separate waiting areas, before admitting participants into a meeting. Thinks of this step as basic gatekeeping, which means participants are screened before a meeting takes place.

This feature, which is popular in Microsoft Teams, allows hosts to control and regulate who can enter the room at any point during a meeting. This will even limit distractions from late entrants, who may be arriving at a meeting after it has already started.

5) Use Screen Sharing Cautiously

Whilst an invaluable feature, especially for sharing information, users should be encouraged to carefully screen what they show in a meeting. If a business handles confidential information, this step is vital, as sharing could jeopardise private data.

As a rule, the host of a meeting should always share their screen first. But others in the same call can request to control what’s being shown. Screen sharing needs to be controlled and the audience can take turns requesting to share their screen.

6) Business services are not the same as consumer products

Consumer-based services are often too generic for business use and will lack the stringent security measures your business will need. Customisations are lacking, and consumer-grade video conferencing will struggle to support busier and larger teams that rely on these apps regularly to make virtual calls and attend meetings.

7) Browser vs Application

Some video conferencing applications can be used from a browser, whereas others are run from an application. It’s worth investigating what your business needs from a video conferencing app, and then comparing how they perform. Often browser-based apps are compressed and limited to video meetings, whereas an application opens the end-user to more practical features.

8) Customise Your Background

Hosts and participants can customise their backgrounds to maximise their privacy. Whether a larger pool of participants, such as a webinar, or a private meeting amongst colleagues, a virtual background replacement, which can be either an image overlay or a soft blur, can help users reclaim privacy when interacting over video conferences.

ramsac says: Modern video conferencing apps like Teams include these customisation features to help users retain privacy and get the most from their tools. It’s more than a gimmick, but can act as a kind of privacy curtain, concealing messy or private backdrops, and offering a more neutral image in its place.

9) Regulate extra chat features

Many call-based applications will offer users the opportunity to interact and engage with one another. Hosts should be cautious that links and other files aren’t being shared, or intercepted, unless it’s requested and part of the meeting agenda.

If you’re hosting a webinar, disabling the chat feature can help keep a room focused and will reduce any unwanted distractions or interference. This can become a security threat if unauthorised files or links are shared.

10) Update Your Applications

Patching is still best practice for those running applications, where older versions of a video conferencing software can leave a business exposed or vulnerable to breaches. Patching is where software updates are released to fix bugs, other issues and security vulnerabilities. Without updating applications, or installing new patches, you could be risking your security. This is an easy mistake, as old versions of software can allow a point of entry for hackers. That’s why one of most recommended tips for securing a device is to keep its patches up to date.

11) Meet Using a Secure Connection

Ensure you host or join meetings on a secure connection, rather than using public Wi-Fi. Your connection is just as important as keeping your video conferencing software updated and patched regularly. This risk grows if a user is working from home, but certain precautions can limit threats.

Masking your WiFi so it appears generic and anonymous will help. ‘Masking’ simply means hiding details about your internet connection, so it can’t easily be found and breached. Practising strong password health is also essential. Take steps to secure your connection so that your devices don’t become compromised.

As cybersecurity experts, we can help your business stay ahead of the risks and remain protected when video conferencing. For help installing Microsoft Teams, or if you want to inquire about security support, get in touch today.

Related Posts

  • What is Zero Trust security and where should you start?

    What is Zero Trust security and where should you start?

    Cybersecurity

    Zero Trust security removes assumptions about trusting a user, even when they're inside your network. This means users and devices must be verified. Read here. [...]

    Read article

  • Why are charities increasingly being attacked by cyber criminals? 

    Why are charities increasingly being attacked by cyber criminals? 

    Cybersecurity

    More than a quarter of charities were reportedly the target of cybercrimes in the last year alone. But why are charities increasingly the victims of cyberattacks? Find out here… [...]

    Read article

  • Introducing the Cyber Resilience Certification from ramsac

    Introducing the Cyber Resilience Certification from ramsac

    Cybersecurity

    ramsac is committed to helping organisations to protect themselves against cybercrime, to help organisations understand where they are on their cyber resilience journey, we have created the ramsac cyber [...]

    Read article

  • How aware are you when it comes to social engineering?

    How aware are you when it comes to social engineering?

    Cybersecurity

    Cybercrime is huge; indeed, no other criminal activity is quite so lucrative, thus it is imperative that you prepare and protect both your business and your personal life to [...]

    Read article

  • Common telephone cybersecurity risks for businesses

    Common telephone cybersecurity risks for businesses

    Cybersecurity

    Companies are at risk from telephone hacks every day. Discover what common tactics are, and how you can prevent them. [...]

    Read article

  • Is Russian based Kaspersky Anti-virus a threat?

    Is Russian based Kaspersky Anti-virus a threat?

    Cybersecurity

    Kaspersky is a russian based anti-virus, in this blog we explore the NCSC latest advice for organisations using Russian – nexus products and services [...]

    Read article