Guidelines for secure home office and remote work video conferencing

Guidelines for secure home office and remote work video conferencing

A year ago, both government agencies and companies around the world were forced to get employees up to speed on home office and remote work within a very short timeframe and to provide the necessary technical resources to do so. Rohde & Schwarz Cybersecurity received numerous customer inquiries during this time, asking for advice on how to make their employees' home offices IT-secure. We therefore published several news articles as well as a practical e-book with step-by-step instructions. Today, the focus is on how to secure your employees' video conferences, whether they work from home or remotely.

Video conferencing, more than any other tool, has become the favorite work tool in collaboration and communication strategies. The home office mandate has shown just how valuable video conferencing can be - in terms of team collaboration, but more importantly in terms of increasing efficiency, productivity and ultimately employee satisfaction.

Video first

By 2027, the video collaboration market will be worth $11.56 billion, and demand is likely to continue to grow. The question is what the rapid adoption of video technology will mean for IT security in the coming years, and how organizations can improve the user experience while maintaining cybersecurity.

The dramatic rise (some call it the zoom boom) and proliferation of video conferencing software was evident even before the outbreak of the pandemic. From a business perspective, the benefits of a mobile workforce are obvious on a local, national and global level. But a video conference is only as secure as its IT environment. As the provider, you must ensure that the end devicesused and the line to the conference are secured by data encryption, via or dedicated cybersecurity software.

Given the convenience of hosting meetings and events digitally, Rohde & Schwarz Cybersecurity recommends guidelines for avoiding data and IT security breaches during video conferences:

1. exercise caution when sharing meeting IDs.

Posting meeting IDs on social media, websites or public forums may attract unwanted participants. As a precaution, we recommend using unique meeting IDs for video conferencing.

2. use passwords whenever possible

Using passwords for both presenters and participants increases security. The presenter password requires the admin to enter a code to unlock it. Participant passwords ensure that only people with the correct code attend the session. Repeated login failures can indicate attackers targeting meeting IDs; some video conferencing services offer advanced fraud detection for this.

3. Are you aware of the video conferencing provider's privacy policy?

Many providers share data with third parties to some degree. Some share personal data with third parties, while others only share aggregate data about call information such as duration, location, and number of subscribers. If your video conferencing provider shares personal data with third parties, you are required to inform your conference participants. Pay attention to notices of the especially if you use video conferencing for application purposes in your company.

Do not record the video conference and ensure an encrypted connection (see VPN). Choose a security provider whose solutions are hosted within the EU to be GDPR compliant.

4. Keep track of your conference participants.

You know that audible signal that announces participants have joined the conference? Some vendors display entrance and exit banners with participants' names. As the moderator, check who is joining the videoconference. Unknown or anonymous people, you should ask to confirm their identity.

5. Use the control functions

Exclude participants who are not authorized to join your videoconferences and lock the conference once everyone is present to prevent eavesdropping on confidential information. File transfers can be used to pass and should be disabled without proper security measures. An appropriate security solution protects microphone usage and provides webcam support, means, unauthorized access to a camera becomes impossible.

6. Invitations to video conferences as a phishing campaign

A large number of cyberattacks start with a successful phishing campaign and malware distribution. If you receive links to video conferences from people you don't know via email or social media, verify their legitimacy. Never open links and attachments in emails from unknown senders and look out for typical phishing clues such as spelling errors or unusual domain extensions. In the enterprise, additionally rely on a fully virtualized surfing environment that protects your web conferences.

Our solutions

Virtual Private Network

Virtual private network

GDPR compliance

GDPR compliance

 Malware protection

Malware protection

Solicitar información

¿Tiene preguntas o necesita información adicional? Simplemente complete este formulario y nos pondremos en contacto con usted.

Permiso de marketing

Se ha enviado su solicitud. Nos pondremos en contacto con usted en breve.
An error is occurred, please try it again later.