How to keep corporate secrets secret during video conferences

Default password and auto-answer function should be changed immediately

Businesses are increasingly using video conferencing to discuss confidential plans and strategies. These video conferences are often accessible via PCs, laptops, smartphones and tablets.

With all of these endpoints, how can companies keep their corporate secrets secret?

Simon Dudley, video evangelist with LifeSize writing for the Washington Business Journal, offers the following tips for video conferencing security.

First, companies should disable the auto answer function, which is often switched on by the manufacturer.

Second, the default password should be changed immediately to a password that would be difficult for hackers to guess and one that is not used on other systems in the organization.

Microsoft (NASDAQ: MSFT) offers the following password best practices:

  • always use strong passwords (at least seven characters long with uppercase and lowercase letters, numbers and symbols)
  • if passwords must be written down on a piece of paper, store the paper in a secure place and destroy it when it is no longer needed
  • never share passwords with anyone
  • use different passwords for all user accounts
  • change passwords immediately if they may have been compromised
  • be careful about where passwords are saved on computers

Third, companies should enable encryption. Most video conferencing systems come with encryption for video endpoints, Dudley notes, so firms should take advantage of the added security.

Fourth, firms should explore their video conferencing security management options: on-premise and infrastructure-as-a-service (IaaS). For small firms, Dudley recommends the IaaS option.  

Fifth, firms should monitor cloud-based directory services to make sure there is no public directory. Video conferencing users should only be able to contact others if they already have their credentials or are with the company's private directory.

Finally, employees should stay alert about security. "The best way to protect your company from outside attacks is to make sure all users learn what it takes to run a secure system. This means ongoing end-user training. Use all the security options available to you, and check your security settings regularly to make sure they haven't changed," Dudley concludes.

For more: 
- read Dudley's blog post
- check out Microsoft's tips

Related articles:
Democrats, GOP slam each other's broadband plans
Survey: Organizations are clueless about cloud security
Security researchers theoretically crack 3G encryption