Information security for the new normal: 2 Videoconferencing

May 1, 2020

3 minute read

This is the second information security post in a series of three; the first looked at the rise of phishing emails.

Attacks on videoconferencing

Another increase in cyber crime involves attacks on videoconferencing. The reason for this is simply that practically all businesses and schools across the world have switched to home working and schooling. For hackers this provides a great opportunity, both because numbers are so high and because home IT arrangements generally are more vulnerable to attack.

The incredible rise in popularity of apps like Zoom shows clearly that people want to connect with others by using products that are uncomplicated, responsive and easy to understand. Set against that, Zoom users have experienced a number of worrying attacks, including meetings being hijacked with pornographic images.

This not intended to be anti-Zoom! By all reliable accounts their team has already made security improvements and is working hard on more. But it does illustrate well this quote from Reza Zaheri, founder of 1:M Cyber Security:

There is always a juggling act between security and ease of use when it comes to tech products.

In the ideal future (not far away we hope) all videoconferencing software will not only be easy to use but will also come with security settings switched on with warning messages for users about turning them off.

The onus is upon us

In the meantime the onus is largely upon us as individuals. If you plan to host a videoconference/online meeting, follow these steps to keep it secure:

  • Only use enterprise level software. It comes at a price – but it is safer than free or basic versions.
  • Make sure your videoconferencing software is running on the latest version. Updates always improve security. If possible instruct participants also to update their software.
  • Never share the link to your teleconference/online meeting on social media. Keep the link private.
  • Make use of the waiting room feature that places participants in a separate virtual room before the meeting so you can decide who to allow into the meeting.
  • Ensure password protection is enabled, then follow good password practice – either by generating a long string of numbers, letters and characters, or using four unconnected words that could not be guessed.
  • As the host, manage screen sharing so that you are the only person able to share. During the meeting you can decide which specific participants to allow to screen share.
  • Once the meeting has started, lock it.
  • Blur the background if your video is to run during the meeting and advise participants to do the same. If you can’t do that, sit in front of a plain wall where there are no clues about you and your home.
  • Only record the meeting if you really have to and make sure everyone participating is aware and has consented.

Happy, safe videoconferencing in the new normal world!

The third and last in this blog series will look at the risks and benefits of the recent, sudden changes in the ways we work with children and young people.