Issue link:

Contents of this Issue


Page 0 of 3

SAFEGUARDING YOUR SECURITY AND PRIVACY AT WORK AND AT HOME NEWSLETTER SPRING 2020 SPRING 2020 SECURITY SMART 1 For more information on staying safe online here at BSU or at home, contact Do's and Don'ts of Secure Videoconferencing W HEN THE POPULARITY of any technology increases quickly, the number of bad actors taking advantage of new and untrained users also grows. During the current pandemic, this has been happening with videoconferencing services and applications—for example, multiple reports surfaced recently of conferences being disrupted by intruders who inserted pornographic and/or hate images and threatening language into meetings. While hijacked meetings are disrup- tive and disturbing for participants, a more insidious threat is intruders who lurk without revealing their presence—a nightmare for corporate security and individual privacy alike. The good news is that many video- conferencing products include security settings that can prevent such inci- dents—but it's up to the host to config- ure those settings, and attendees need to follow best practices as well. Here's a list of videoconferencing security do's and don'ts: FOR HOSTS Do enable password protection. Zoom, for example, now auto-generates a password in addition to a meeting room ID. Make sure your service uses both a meeting ID number and a string, and that it also has a separate password or PIN. Do use waiting room features. These put participants in a separate virtual room before the meeting and allow hosts to admit only those people they want to have attend. Don't record meetings unless it's absolutely necessary. If you do record a meeting, make sure all participants know they are being recorded (the software should indicate this, but it's good practice to tell them, too) and give the recording a unique name when you save it. Don't allow participants to screen share by default. Your software should offer settings that allow hosts to manage screen sharing. Once a meeting has begun, the host can allow specific participants to share their screens when appropriate. Do lock a meeting once all the participants have joined the call. However, if a valid participant drops out temporarily, be sure to unlock the meeting to let them back in and then re-lock it after they return. Do eject participants from meetings if an intruder is able to get in or becomes unruly. This prevents them from rejoining. Do make sure that if you host work meetings, you know the specific steps you should take in the software your company uses to ensure your conferences are secure. FOR HOSTS AND PARTICIPANTS Don't post links to conferences on social media. Hosts should invite attendees from within the conferencing software—and invitees should not share the links. Don't use video unless you need to. Turning off your webcam and listening in via audio prevents possible social engineering efforts to learn more about you through background objects. Audio- only also saves network bandwidth on an internet connection, improving the overall audio and visual quality of the meeting. Do use the latest version of the software. Security vulnerabilities are likely to be exploited more often on older software versions. Double-check that you are using the most up-to-date version available. Whether you're having a strategy session with your colleagues or a weekend chat with far-flung family members, keep your virtual meeting private and safe from intruders. Photo courtesy of Zoom

Articles in this issue

Links on this page

Archives of this issue

view archives of BSU - file_download