Standard Office Systems Blog

Remote Conferencing Security: Tips and How to Find the Right Provider

Written by Erica Kastner | 5/12/20 4:00 PM

CYBER SECURITY | 5 MIN READ

Remote conferencing is more popular than ever before. It allows businesses the flexibility to work on their own terms without requiring clients to drive to their office. However, remote conferencing poses some potential risks to your company's personal data. As a Managed Service Provider and remote conferencing platform provider, we aim to use our expertise to guide you towards  Keep reading to learn about how remote conferencing can pose a data security risk and five tips on how to find a provider that you can trust.

Not enough time? Jump to:

How Can Remote Conferencing Pose Security Risks?

Questions to Ask to Find a Secure Remote Conferencing Provider

4 Tips on How to Hold Remote Conferences Securely

How Can Remote Conferencing Pose Security Risks?

A recent trend in remote conferencing is leaving companies wondering how they can keep their meetings secure. Known as Zoom-bombing, this trend involves an unwelcome guest accessing a private meeting and causing disruptions in the form of loud noises or the sharing of explicit content.

Remote conferencing is becoming so popular that companies in almost every sector, from the government to healthcare and more, are using it to conduct business. Many of these companies are subject to data regulations like HIPAA, PCI DSS, GDPR, and more. 

Companies who share sensitive information over remote conferencing platforms could potentially be breaking these data regulations if an unwelcome guest accessed a private meeting and heard confidential information, whether that's patient data or official government business.

Companies need a secure remote conferencing solution to keep sensitive information away from prying eyes and to avoid potentially breaching data regulations. 

When evaluating a remote conferencing solution for security flaws, there are a few red flags you should watch out for. Ask yourself the following questions to see if a provider is doing their due diligence to keep your company's data safe. 

RELATED: Can Businesses Be Sued for Data Breaches?

Questions to Ask to Find a Secure Remote Conferencing Provider

Will your data be sold?

When your business' private data is sold, it sends a clear signal that the company selling it puts profit over consumer protection. Some remote conferencing solutions have come under fire in recent months for allegedly selling user data to Facebook. This data was then used for targeted advertisements, even to those without Facebook accounts.

When evaluating a remote conferencing provider for ethical purity, consider doing some digging to see if they have been caught selling user data. If your business uses a cheap or free provider, there may be a higher chance that your data is being sold.

What barriers to conference entry are there?

A lot of the time, to join a remote meeting, you just need the meeting link. While this makes the process of accessing a meeting easy, it also eases the process for an unwelcome guest to join your meeting.

Check to see what barriers to conference entry your provider has in place. For instance, can you password-protect your meetings so that only those with the password can join? Enabling passwords for meeting entrance puts another barrier between your company and any unwelcome visitors.

Is there a waiting room for attendees to stay before the meeting starts? Waiting rooms let the meeting start on your terms, keeping attendees from awkwardly joining the meeting before it starts.

Waiting rooms also keep unwanted attendees from joining the meeting early and wreaking havoc, seeing as the host, in most cases, has to manually let them into the meeting from the waiting room.

Which conference host controls are available?

Conference host controls allow the meeting leader to decide who talk or share content. These controls are useful if you're having a large meeting with hundreds of attendees, seeing as they let you mute microphones to control noise, among other benefits.

When it comes to meeting security, host controls provider a great barrier against unwanted intruders. While some conferencing platforms let you host a password-protected meeting to control access, a hacker could still bypass this to enter your meeting.

Some companies have started adding controls that let you close the meeting so that once it starts, nobody new can join. However, without this feature, you leave the door open for an intruder to join the meeting at any time.

In this scenario, if an unwanted guest starts causing disruptions, conference hosts should be able to mute microphones, disable video or screen sharing controls, turn off chat features.

Additionally, if an attendee starts behaving inappropriately, as the host, you should be able to kick them out. Having access to host controls allows you to continue meetings with minimal disruptions and quickly remove unwelcome guests.

How can you use the platform to stay compliant with data regulations?

As more consumer data is collected and stored online, the government has begun to implement more regulations to protect consumer privacy. These regulations can extend to how remote conferencing is conducted if private consumer data is shared.

For instance, if an unwelcome guest accesses an appointment between a doctor and his patient and they hear sensitive information, the doctor could potentially be in violation of HIPAA for not protecting patient confidentiality.

While host controls can be used to quickly kick out any unwelcome guests, check with your remote conferencing provider to see what other methods they use to protect sensitive data that's shared in these meetings. For instance, some remote conferencing providers are HIPAA-Enabled.

One way to test the security of a platform is to see if meeting transcripts are emailed to all attendees, and if so, are these transcripts encrypted? If a company says they do encrypt data, double check  − some of the big players in the industry have been caught red-handed for touting false claims of end-to-end encryption.

Are they FedRAMP certified?

The Federal Risk and Authorization Management Program (FedRAMP) is a government program created to standardize how businesses approach security for cloud products and services. Standardizing approaches helps bring companies into the modern age, encouraging a move away from complicated and insecure old-school systems.

According to a memo published by the Office of Management and Budget, as of 2011, any cloud services that hold federal data must be FedRAMP certified. This could extend to remote conferencing providers who have government agencies as users. 

When searching for a secure remote conferencing provider, check to see if they're FedRAMP certified, as this shows that they have made a commitment to protecting sensitive data. If your remote conferencing platform is FedRAMP-compliant, it will hold the “Agency FedRAMP Authorization” title.

4 Tips on How to Hold Remote Conferences Securely

Once you have found a remote conferencing provider with a secure platform, how will you ensure that meetings are held securely? Use the following tips to set workplace security standards for remote conferencing. 

1. Require passwords for all meetings

Since a conferencing platform will use a standardized makeup for their meeting ID's, anybody can simply guess meeting ID's to attempt to gain access to your meeting. Password-protecting meetings keeps unwanted guests from accessing your meeting. 

2. Lock calls once the meeting begins

Meetings should be locked especially if they're large calls with a hundred or more people. While unknown attendees can be quickly noticed in a small call, they can easily sit in on a large conference call and be privy to sensitive company information.

3. Limit file sharing in the chat

If your meetings are open to the public, you run the risk of an attendee with bad intentions posting inappropriate links or links to malware in the conference chat. By restricting chat functions, you prevent unwanted information in the chat. 

4. Enable all host controls

Host controls can be used to restrict meeting access, remove unwanted attendees, limit who can speak and share their screen, and more. Use these controls to prevent unwanted attendees from sharing information or taking control of the meeting.

Cyber threats seem to be omnipresent, which makes it difficult to navigate the Internet safely. When your company conducts business through remote meetings, the last topic on your mind should be how safe your conference is.

Picking a remote conferencing solution that has multiple layers of security in place gives you peace of mind, especially if you share confidential information during meetings. 

The right remote conferencing solution should have adequate barriers to entry, multiple host controls, and be able to work with you to ensure that you stay compliant with data regulations when hosting meetings.