IEEE Fellow Karen Panetta was lecturing from home to her university graduate students on a video conferencing platform when an intruder logged on and began screaming inappropriately.
“Thank goodness I had ‘share video’ turned off or they could have put up nasty, violent and obscene material on my session,” says Panetta.
As the world adjusts to a “new normal” of remote education and work, video conferencing services have surged in demand as people take to these platforms to connect digitally. According a recent market research report, the global video conferencing market size is projected to reach USD 6.37 billion by 2026, yet these platforms are susceptible to a variety of intrusions that could lead to the theft of private and company data or inappropriately distracting calls and meetings that leave participants feeling they have no control.
Recently the Press Bureau of India said that certain videotelephony and online chat services, are “not for use by government officers/officials for official purposes”. Companies including Google, Apple, NASA, and Tesla have urged their employees to stop using it too. Hence, to protect your students, employees, families and yourself from types of cyber disruptions, we asked IEEE Member Kayne McGladrey for cybersecurity tips for safe video conferencing.
1. Take precautions before starting
Before the conference starts, take these measures:
- Unless there’s a reason to enable call recording, disable the feature when setting up the conference.
- Always set a new meeting ID and password for new meetings.
- People should have good situational awareness of what’s behind them and thus potentially visible in the frame of the camera. This helps prevent accidental data leakage.
- Similarly, before sharing their screen with those on the video conference, people should be aware of what is on their desktop, including file names.
- Disable notifications from others before sharing screens.
2. Ask if your organization supports end-to-end encryption
“Most organizations in under-regulated industries do not require end-to-end encryption,” says McGladrey. “However, organizations in the Department of Defense supply chain and similarly regulated industries will need to select a meeting platform that explicitly supports end-to-end encryption; most enterprise grade systems implement transport layer security, which only secures the communications between the end user and a server.”
Before scheduling a meeting that will be discussing or sharing confidential information, make sure you are familiar with the type of security measures that are in place at your organization regarding video conferencing. If your organization does choose a video conferencing platform that does not have the proper protection set up, and you have no way of putting this policy into place, refrain from sharing any confidential information on a video call.
3. Follow best practices while video conferencing
McGladrey recommends:
- Don’t say things that you wouldn’t say to people in person.
- Many video conferencing systems include a chat system; don’t use it for sidebar conversations that detract from the conversation.
- If possible, set up your laptop or external webcam level with your face.
Overall, it’s wise to use caution when video conferencing and continue to use smart cybersecurity practices while working remotely to ensure you stay safe from unwanted and uninvited digital guests.
