Guidelines for secure home office and remote work video conferencing

Guidelines for secure home office and remote work video conferencing

A year ago, both government agencies and companies around the world were forced to get employees up to speed on home office and remote work within a very short timeframe and to provide the necessary technical resources to do so. Rohde & Schwarz Cybersecurity received numerous customer inquiries during this time, asking for advice on how to make their employees' home offices IT-secure. We therefore published several news articles as well as a practical e-book with step-by-step instructions. Today, the focus is on how to secure your employees' video conferences, whether they work from home or remotely.

Video conferencing, more than any other tool, has become the favorite work tool in collaboration and communication strategies. The home office mandate has shown just how valuable video conferencing can be - in terms of team collaboration, but more importantly in terms of increasing efficiency, productivity and ultimately employee satisfaction.

Video first

By 2027, the video collaboration market will be worth $11.56 billion, and demand is likely to continue to grow. The question is what the rapid adoption of video technology will mean for IT security in the coming years, and how organizations can improve the user experience while maintaining cybersecurity.

The dramatic rise (some call it the zoom boom) and proliferation of video conferencing software was evident even before the outbreak of the pandemic. From a business perspective, the benefits of a mobile workforce are obvious on a local, national and global level. But a video conference is only as secure as its IT environment. As the provider, you must ensure that the end devices used and the line to the conference are secured by data encryption, via VPN or dedicated cybersecurity software.

Given the convenience of hosting meetings and events digitally, Rohde & Schwarz Cybersecurity recommends guidelines for avoiding data and IT security breaches during video conferences:

1. exercise caution when sharing meeting IDs.

Posting meeting IDs on social media, websites or public forums may attract unwanted participants. As a precaution, we recommend using unique meeting IDs for video conferencing.

2. use passwords whenever possible

Using passwords for both presenters and participants increases security. The presenter password requires the admin to enter a code to unlock it. Participant passwords ensure that only people with the correct code attend the session. Repeated login failures can indicate attackers targeting meeting IDs; some video conferencing services offer advanced fraud detection for this.

3. Are you aware of the video conferencing provider's privacy policy?

Many providers share data with third parties to some degree. Some share personal data with third parties, while others only share aggregate data about call information such as duration, location, and number of subscribers. If your video conferencing provider shares personal data with third parties, you are required to inform your conference participants. Pay attention to notices of the GDPR especially if you use video conferencing for application purposes in your company.

Do not record the video conference and ensure an encrypted connection (see VPN). Choose a security provider whose solutions are hosted within the EU to be GDPR compliant.

4. Keep track of your conference participants.

You know that audible signal that announces participants have joined the conference? Some vendors display entrance and exit banners with participants' names. As the moderator, check who is joining the videoconference. Unknown or anonymous people, you should ask to confirm their identity.

5. Use the control functions

Exclude participants who are not authorized to join your videoconferences and lock the conference once everyone is present to prevent eavesdropping on confidential information. File transfers can be used to pass malware and should be disabled without proper security measures. An appropriate security solution protects microphone usage and provides webcam support, means, unauthorized access to a camera becomes impossible.

6. Invitations to video conferences as a phishing campaign

A large number of cyberattacks start with a successful phishing campaign and malware distribution. If you receive links to video conferences from people you don't know via email or social media, verify their legitimacy. Never open links and attachments in emails from unknown senders and look out for typical phishing clues such as spelling errors or unusual domain extensions. In the enterprise, additionally rely on a fully virtualized surfing environment that protects your web conferences.

Our solutions

Virtual private network

More information

GDPR compliance

More information

Malware protection

More information

Demander des informations

Vous avez des questions ou besoin d'informations supplémentaires ? Remplissez simplement ce formulaire et nous vous recontacterons rapidement.

Je souhaite recevoir des informations de Rohde & Schwarz via

Marketing de permission

Qu'est ce que cela signifie en détail ?

Je reconnais que les entités ROHDE & SCHWARZ GmbH & Co. KG et ROHDE & SCHWARZ ou toute autre société subsidiaire mentionnée au sein de ce site Internet, peuvent me contacter par le moyen de leur choix (email ou courrier) pour des raisons marketing et publicitaires (par exemple pour des informations sur des offres spéciales et des promotions) en relation avec, mais pas uniquement, des produits et des solutions dans les domaines du test et mesure, des communications sécurisées, de la surveillance et test des réseaux, des broadcasts et médias, ainsi que de cybersécurité.

Vos droits

Cette déclaration de consentement peut être révoquée à tout moment par l'envoi d'un courriel portant, dans son objet, la mention "Unsubscribe" (désinscription) à news@rohde-schwarz.com. En outre, chaque courriel envoyé contient un lien vers une fonction de désinscription de publicités ultérieures adressées par courrier électronique. La "Déclaration de confidentialité" expose plus en détail l'utilisation des données personnelles, ainsi que la procédure de révocation de consentement.

Votre demande a bien été envoyée ! Nous vous contacterons dans les plus brefs délais.
An error is occurred, please try it again later.