Cybersecurity tips for video conferencing in 2022

George Waller, EVP, and co-founder of StrikeForce Technologies, shares his top cybersecurity tips for video conferencing this year

As the business world navigates the realities around work, video conferencing has become a core technology component for keeping operations moving forward in today’s environment. However, the growth of virtual collaboration tools has also opened up new privacy and security concerns, raising questions about these platforms and their ability to protect users while keeping sensitive information and data completely secure. Of note, Zoom’s platform usage jumped significantly post-COVID, yet one unfortunate by-product of this increase was the exposure of several security flaws. Other popular platforms like Microsoft Teams and GoToMeeting have also noticed their share of issues with regards to privacy and security.

With a hybrid of in-office and remote working likely here to stay, there is an added emphasis for businesses to ensure their virtual collaboration tools provide adequate privacy and security. If video conferencing vendors don’t seriously address these concerns, they will continue to be easy targets for hackers with nefarious intent looking to compromise sensitive data.


Must-have video conferencing security features

When choosing a video conferencing platform for your organisation, it is imperative that cyber security is prioritised. While almost every platform offers some level of security these days, the key is finding the right mix of features that will ensure the highest levels of protection. Here are some recommendations for “must-have” cyber security features that your organization should be looking for:

Encrypted Audio and Video: This might seem like a no-brainer, but it wasn't until somewhat recently that Zoom started to do this. Without this key feature, anyone can eavesdrop on your conversation and see what’s on your camera without you even knowing it. With fully encrypted audio and video, on the off chance a cyber attacker can break through this line of defense, there is not much they can hijack that is worth any value because what is being spoken and seen is entirely encrypted.

Meeting Authentication: Aside from having the option to require a password, most video conferencing platforms fall very short in regards to authentication. Proper authentication is quite literally the first line of defense and should be taken the most seriously. WIthout it, it is near impossible to identify meeting attendees as who they claim to be. Key authentication features include:

One-Time Passcodes (OTP): Users are sent a unique code to gain access to the meeting that can only be used once.

Two-Factor (2FA) and Multi-Factor Authentication (MFA): Requires the user to provide two or more verification factors to gain access to a meeting. 2FA and MFA are commonly used in conjunction with an OTP as an additional verification factor.

Out-of-Band Authentication (OOB): This is a type of 2FA that requires a secondary verification method through a separate communication channel. For example, one channel could be the user's internet connection on their computer while the other could be their wireless network connection on their mobile device. 

Biometrics: This is where a unique physiological or behavioural trait is captured to confirm the individual's identity such as their finger print, facial recognition, or a retina scan.

Endpoint Protection: This feature encompasses the endpoints of the devices from which the meeting participants are using to connect to the platform which can be susceptible to malware spying. Audio and video encryption only works for data in motion as it’s traveling over the internet, not if malware is on your local computer, therefore, endpoint protection should include the following:

Camera Protection: Prevents malware from stealing camera stream

Microphone Protection: Prevents malware from stealing microphone stream

Audio-Out Speakers: Prevents camera from stealing audio stream (what others are saying)

Keystroke logging: Prevents undetected keyloggers from capturing keystrokes i.e. credentials, corporate & customer data, meets or exceeds compliance requirements for 2FA

Screen Capture: This eliminates the risk of unauthorized screenshots from taking place

Clipboard Protection: Prevents copied clipboard data from being stolen by malware


Security should be your number 1 priority

The video conferencing market is seeing stellar growth heading into 2022 as the business world continues to face uncertainty around the future of in-office work. Many in the industry are starting to think differently about how to appropriately classify video conference meeting security. As cyber-attacks and disruptive virtual meeting incidents become more common, it is imperative for organizations to take a closer look at their communications tools to ensure total organizational safety and security. This entails going beyond just training and vigilance, so companies can feel confident that they can meet the numerous cyber-related threats and challenges that lie ahead. 

When choosing a video conference platform its important to consider your organisation's needs, but the bottom line is security should be the number priority.


About the author 

George Waller, CEO of StrikeForce Technologies, is an entrepreneur and technologist with over two decades in the cybersecurity and computer industries. He played a pivotal role in introducing two leading cybersecurity technologies: out-of-band authentication and keystroke encryption to the marketplace. Today, these technologies are used in banking, health care, education, manufacturing and government sectors. 


Share

Featured Articles

How secure is sensitive data stored in the cloud?

A Cloud Security Alliance (CSA) survey has found 67% of organisations store sensitive data in public cloud environments, but how secure is it?

CYBER LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at highlights of the different stages at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

Does a cashless society mean higher risk of fraud?

Cyber Security

5 minutes with Gary Brickhouse, CISO of GuidePoint Security

Cyber Security

CTO at Passbolt explains the importance of password managers

Application Security