conferencing cybersecurity

Is Your Conferencing System a Cybersecurity Weak Link?

Video Conferencing Vulnerabilities

At home and in the office, the Internet of Things (IoT) has brought us new heights of connectivity and convenience. Yet recent years show that the connected devices that have opened up new doors for us have also exposed us to new vulnerabilities.

A cloud of insecurity seems to be looming over the new age of efficiency that connected devices have created. When not properly secured, connected devices can be a weak link when it comes to cybersecurity, leaving devices and the data on them at risk. We have seen the real-world risks associated with IoT devices in action last year, when the Mirai botnet hijacked more than a million devices to interrupt major websites. But that is not the only threat at hand. In the workplace, the security of these devices should be of utmost importance, especially considering what is at stake. In the hands of the wrong people, access to these devices can grant intruders the ability to spy on employees or steal corporate information.

Conferencing Systems

Conferencing systems — a camera, phone and codec — are among several devices that can help create a connected enterprise, increasing collaboration for the end users and improving ease of administration for the IT department. But the rise of remote working and global collaboration means that confidential corporate conversations are no longer protected by four walls; instead, they’re taking place across phone lines, network cables and video streams that span cities, countries and continents.

Protect Your Small Business

Intruders who manage to access a single conferencing system are suddenly granted an entry point to the entire network. They could monitor any communication coming in and going out of the device, and even snoop around other unprotected devices on the network. And unfortunately, these conversations can easily include a wealth of confidential and sensitive corporate information (just think about the content that is shared in an investors’ meeting).

The most common problem with these devices is access from the management console. You would be surprised to learn how many IT administrators leave the default passwords in place — a security gap that can allow someone access to your network and devices and the ability to modify or manipulate them. As a best practice, IoT devices should be treated like any other IT asset and secured accordingly. Authentication mechanisms that go beyond traditional password security should be mandatory.

Keep in mind that your conferencing devices are not the only security gaps. Cloud collaboration services — which are dominating the video collaboration space today and are frequently paired with conferencing devices — come with their own security concerns. Many service providers offer encryption of communication but do not do so by default. Instead, encryption is offered as a feature that customers would need to turn on — something that not everyone will realistically do.

Conferencing Security Challenges

These security challenges may seem daunting, but they do not have to halt your collaboration efforts.

Here are three best practices that can help prevent your conferencing system and service from becoming a cybersecurity weak link:

  1. Confirm and enforce encryption. Without encryption, your communication is subject to surveillance at any network level. Check with your service provider to ensure that encryption is turned on for all communications. Additionally, confirm if the provider is able to monitor your communications. Some vendors do this for support purposes, but it compromises your business’s privacy.
  2. Implement a strict password policy. Remember to use strong and complex passwords. When available, opt for multi-factor authentication. Take a look at the National Institute of Standards and Technology’s latest guidelines for effective password practices that do not put a heavy burden on users.
  3. Treat your conferencing devices as if they were servers. If you have to expose your devices to the public internet, take adequate precaution to limit damage if an intruder manages to gain access to the device. Quarantine non-compliant devices in a sandbox to protect the rest of your IT ecosystem, and be sure to keep all systems patched against known vulnerabilities.

Your network — and by extension, your business — is only as secure as the devices connected to it. Be proactive about vetting the security of your conferencing and collaboration devices and services to ensure that your business’s productivity boosts do not come at the cost of your privacy or security.

By Bobby Beckmann, CTO, Lifesize

Bobby Beckmann

As Lifesize CTO, Bobby leads a multinational team of engineers and developers to deliver continued innovation, scalability and reliability to the Lifesize cloud-based software service, HD camera and phone systems. With more than 20 years of experience, Beckmann helps Lifesize build on its reputation for innovations, recent momentum and usher in the next chapter of the company’s innovation.

Bobby joined Lifesize in 2015 and first served as vice president of service software where he played a pivotal role in developing the cloud-based software application and addressing the needs of the modern meeting environment. Prior to Lifesize, he served as CTO and vice president of engineering at Bloomfire, where he managed worldwide software engineering and product development efforts. Beckmann also previously held engineering leadership positions at OneID, Inc. and Optaros.

View Website

CONTRIBUTORS

Safeguarding Data When Employees Leave The Company

Safeguarding Data When Employees Leave The Company

Safeguarding Data Employee turnover is unavoidable. According to CompData Consulting, the average employee turnover rate in 2015 in the US ...
Fake Digital Currency

WordPress Security 101 – Securing Your Plugins, Themes, and Services

Securing Your Plugins, Themes, and Services Continued from part 3 of our 5 part WordPress security series. For web scribblers who ...
How IoT, Wearables, and Mixed Reality May Disrupt Banking

How IoT, Wearables, and Mixed Reality May Disrupt Banking

Banking Disruption Technology and finance have always gone together. It takes the best, most secure technologies to keep stockpiles of money ...
What You Need To Know About Choosing A Cloud Service Provider

What You Need To Know About Choosing A Cloud Service Provider

Selecting The Right Cloud Services Provider How to find the right partner for cloud adoption on an enterprise scale The ...
A Resilient Cloud Strategy: Standardize or Diversify?

A Resilient Cloud Strategy: Standardize or Diversify?

A Resilient Cloud Strategy Over the past few years, I have seen IT organizations adopt cloud in very different ways ...
How The CFAA Ruling Affects Individuals And Password-Sharing

How The CFAA Ruling Affects Individuals And Password-Sharing

Individuals and Password-Sharing With the 1980s came the explosion of computing. In 1980, the Commodore ushered in the advent of home ...
Why Open Source Technology is the Key to Any Collaboration Ecosystem

Why Open Source Technology is the Key to Any Collaboration Ecosystem

Open Source Collaboration Ecosystem Open source – software whose source code is public and can be modified or shared freely ...
Enterprises look for partners to make the most of Microsoft Azure Stack apps

Enterprises look for partners to make the most of Microsoft Azure Stack apps

Microsoft Azure Stack Apps The next BriefingsDirect Voice of the Customer hybrid cloud advancements discussion explores the application development and platform-as-a-service (PaaS) benefits from Microsoft ...

NEWS

EU privacy regulators to discuss Uber hack next week

EU privacy regulators to discuss Uber hack next week

BRUSSELS (Reuters) - European Union privacy regulators will discuss ride-hailing app Uber’s [UBER.UL] massive data breach cover-up next week and ...
Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance

Cloud Security Alliance Issues New Code of Conduct for GDPR Compliance

EDINBURGH, Scotland, Nov. 21, 2017 /PRNewswire-USNewswire/ -- The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices ...
OVH Announces New Hosted Private Cloud Offerings for US Market

OVH Announces New Hosted Private Cloud Offerings for US Market

OVH delivers next-generation services for hosted private cloud, disaster recovery, and hybridity leveraging industry-leading solutions RESTON, VA--(Marketwired - Nov 20, ...

SPONSORS

Scale your Windows Azure application

Help Your Business Improve Security By Choosing The Right Cloud Provider

Choosing The Right Cloud Provider Security issues have always been a key aspect of business planning; failure to properly protect ...
Has Cybersecurity Become Too Reactive in this Day and Age?

Has Cybersecurity Become Too Reactive in this Day and Age?

Cybersecurity Too Reactive? Cybersecurity today has become far too reactive. The constant innovation of hackers has meant that defenses are ...
Hybrid IT Matures Just In Time To Tackle Complex Challenges

Hybrid IT Matures Just In Time To Tackle Complex Challenges

Tackling Complex IT Challenges Today’s sophisticated business environment demands a dynamic and robust IT infrastructure which is a far cry ...