Video conferencing security best practices

ramsac teams online chat call

Posted on September 30, 2021 by Louise Howland

With the shift toward remote working from home office environments, the global workforce has been relying more than ever on technology to remain connected. Increasingly professionals depend on the reliability of video-conferencing apps like Microsoft Teams or Zoom, which have been critical in closing the gaps between team members. As professionals turn to personal devices and stream from their home internet, there is an even greater risk and threat of cybercrime than ever before.

Video conferencing security best practices should be a high priority because risks can affect not only your employees, but your business too. In late 2020, just as many employers began digitising the ways their teams work and communicate, a trend emerged in America and was criticised by the FBI (Federal Bureau of Investigation). VTC hijacking (known as ‘Zoom bombing’) became alarmingly common as hackers breached teleconferencing and other applications. This event highlighted the severity of cyber threats and how they can intrude video meetings.

There are several ways you can reduce risks associated with videoconferencing. Awareness about security controls and settings is a starting point. Upholding best practice means being vigilant and proactive with your technology.

Security best practices

Security best practice is all about protecting your business and its employees. Security is a growing topic of concern for many businesses because technology has become so inseparable from the way many of us work. Video conferencing is an example of how easily security best practice can be overlooked, and when it does the risk of a breach increases.

Top Security Recommendations

Here are top security recommendations for those using video conferencing to work, collaborate, and remain connected.

1) Partnerships start with trust

Before committing to a platform for video conferencing, start with research and work from an application that supports your business and its goals. Choosing a reliable and secure provider can give your workforce and customers the confidence that you’re practising good cyber hygiene.

Research and investigate the best platforms for video conferencing. The best platform will depend on the needs and preferences of your workforce, along with your business goals. If you have an existing account with Microsoft, for example, you can simply integrate Teams into other Office 365 products.

ramsac says: Cheap doesn’t mean reliable. When choosing a platform, the temptation for a free subscription shouldn’t overrule the security needs of your business. A good video conferencing app should feel like an investment, especially if you work with sensitive data.

2) Become familiar with the security settings

Most reputable applications will offer the admin, or those setting up a meeting, security options. Rely on using these security controls often to ensure that your meetings remain private and locked, and this will help limit unwanted access.

These controls often range from ‘locking’ features, which secure meeting rooms, down to authentication of users, limiting those who can join meetings. If you want to keep your meeting rooms private, you can configure settings so that only certain members can enter your call.

3) Generate Meeting IDs

To secure your virtual meeting room, setup a new and unique meeting ID and password. If you don’t have this, you can simply share the meeting link or invite participants through the Teams application. This information should, however, be shared with only the necessary users. This simple step will limit who can access your meetings and the password setup will offer an extra layer of protection.

ramsac says: Treat your password strength the same as you would for any other device. Weak passwords are easy work for attackers, who can take advantage of your devices’ vulnerabilities.

video conferencing security

4) Use ‘Waiting Rooms’

Hosts can secure their meeting rooms by setting up separate waiting areas, before admitting participants into a meeting. Thinks of this step as basic gatekeeping, which means participants are screened before a meeting takes place.

This feature, which is popular in Microsoft Teams, allows hosts to control and regulate who can enter the room at any point during a meeting. This will even limit distractions from late entrants, who may be arriving at a meeting after it has already started.

5) Use Screen Sharing Cautiously

Whilst an invaluable feature, especially for sharing information, users should be encouraged to carefully screen what they show in a meeting. If a business handles confidential information, this step is vital, as sharing could jeopardise private data.

As a rule, the host of a meeting should always share their screen first. But others in the same call can request to control what’s being shown. Screen sharing needs to be controlled and the audience can take turns requesting to share their screen.

6) Business services are not the same as consumer products

Consumer-based services are often too generic for business use and will lack the stringent security measures your business will need. Customisations are lacking, and consumer-grade video conferencing will struggle to support busier and larger teams that rely on these apps regularly to make virtual calls and attend meetings.

7) Browser vs Application

Some video conferencing applications can be used from a browser, whereas others are run from an application. It’s worth investigating what your business needs from a video conferencing app, and then comparing how they perform. Often browser-based apps are compressed and limited to video meetings, whereas an application opens the end-user to more practical features.

8) Customise Your Background

Hosts and participants can customise their backgrounds to maximise their privacy. Whether a larger pool of participants, such as a webinar, or a private meeting amongst colleagues, a virtual background replacement, which can be either an image overlay or a soft blur, can help users reclaim privacy when interacting over video conferences.

ramsac says: Modern video conferencing apps like Teams include these customisation features to help users retain privacy and get the most from their tools. It’s more than a gimmick, but can act as a kind of privacy curtain, concealing messy or private backdrops, and offering a more neutral image in its place.

9) Regulate extra chat features

Many call-based applications will offer users the opportunity to interact and engage with one another. Hosts should be cautious that links and other files aren’t being shared, or intercepted, unless it’s requested and part of the meeting agenda.

If you’re hosting a webinar, disabling the chat feature can help keep a room focused and will reduce any unwanted distractions or interference. This can become a security threat if unauthorised files or links are shared.

10) Update Your Applications

Patching is still best practice for those running applications, where older versions of a video conferencing software can leave a business exposed or vulnerable to breaches. Patching is where software updates are released to fix bugs, other issues and security vulnerabilities. Without updating applications, or installing new patches, you could be risking your security. This is an easy mistake, as old versions of software can allow a point of entry for hackers. That’s why one of most recommended tips for securing a device is to keep its patches up to date.

11) Meet Using a Secure Connection

Ensure you host or join meetings on a secure connection, rather than using public Wi-Fi. Your connection is just as important as keeping your video conferencing software updated and patched regularly. This risk grows if a user is working from home, but certain precautions can limit threats.

Masking your WiFi so it appears generic and anonymous will help. ‘Masking’ simply means hiding details about your internet connection, so it can’t easily be found and breached. Practising strong password health is also essential. Take steps to secure your connection so that your devices don’t become compromised.

As cybersecurity experts, we can help your business stay ahead of the risks and remain protected when video conferencing. For help installing Microsoft Teams, or if you want to inquire about security support, get in touch today.

Related Posts

  • How to set up a secure password policy in Microsoft 365
    March 6th, 2024

    How to set up a secure password policy in Microsoft 365

    Cybersecurity

    Discover the essentials of a robust password policy for cybersecurity in Microsoft 365. Learn what to include and what to avoid. Read the blog today. [...]

    Read article

  • A guide to sensitivity labels and how to apply them
    March 4th, 2024

    A guide to sensitivity labels and how to apply them

    Cybersecurity

    Sensitivity labels allow you to manage, organise, and protect sensitive emails, files, and documents as part of the Microsoft 365 suite. Read on. [...]

    Read article

  • MFA vs 2FA: What’s the Difference?
    March 1st, 2024

    MFA vs 2FA: What’s the Difference?

    Cybersecurity

    Features like user facial recognition that are difficult to replicate means multi-factor authentication offers more cybersecurity layers than two-factor authentication. Find out more. [...]

    Read article

  • Happy Birthday secure+: How our cybersecurity solution has detected over 8000 cybersecurity alerts in one year
    February 23rd, 2024

    Happy Birthday secure+: How our cybersecurity solution has detected over 8000 cybersecurity alerts in one year

    Cybersecurity

    secure+ has detected and responded to over 8000 security alerts in its first year [...]

    Read article

  • MFA Fatigue: Multi-Factor Authentication (MFA) is best practice, but it’s not risk free.
    February 6th, 2024

    MFA Fatigue: Multi-Factor Authentication (MFA) is best practice, but it’s not risk free.

    Cybersecurity

    MFA Fatigue is a problem organisations need to be aware of, in this blog we break down why and what organisations can do to combat it. [...]

    Read article

  • Data Protection Day – Protecting your information on social media.
    January 28th, 2024

    Data Protection Day – Protecting your information on social media.

    Cybersecurity

    The 28th of January is Data Protection day, to mark this day we have created a blog with tips on how people can keep their personal data safe on [...]

    Read article