Skip to main content

Privacy and security: two must-have ingredients of an enterprise video conferencing platform

Image Credit: Flickr / Book Catalog
(Image credit: Image Credit: Flickr / Book Catalog)

As many of us approach the half year mark of remote working, we’ve become accustomed to virtual working. Indeed, for many companies this has paved the way for a 180 degree shift away from the traditional office set-up. Just last month, Fujitsu announced a ‘permanent working from home policy’, and a few months earlier, tech giant Twitter, declared that its staff could work from home forever. Latest figures from the Office for National Statistics said 49 percent of workers reported working from home at some point in the seven days to 14 June, up from 41 percent the previous week. It’s a trend that is set to continue.

Technology, is of course, the key enabling factor here. And of the tech at our fingertips, video conferencing has played - and will continue to play - a critical role. With video collaboration as part of a company’s communication stack, it can connect employee team members and keep them engaged and at the heart of its business. Moreover, video meetings allow firms to maintain human connections with people and support remote workers as they strive to create ‘the new normal’ of working.

The video conferencing market was worth $14 billion in 2019 and is projected to grow to $50 billion by 2026, according to a report earlier this month from research firm Global Market Insights. "The video conferencing market is expected to witness high growth during the coronavirus outbreak," the report said.

However, every silver lining has its cloud and this huge increase in the use of video has also brought increased security concerns. A host of security issues emerged for Zoom in early March, including controversies over encryption levels and the practice of "Zoombombing" where strangers intrude on others' meetings. Sometimes, these intruders listen in without anyone knowing they're there. Other times, they totally disrupt the meetings sometimes in ways that threaten the business in its entirety, integrity as well as confidential information. This prompted scrutiny from US authorities and temporary bans from schools in New York City and Singapore.

Understanding the risk

A recent study by IBM found that remote work appears to be growing on people, as more than 75 percent indicated they would like to continue to work remotely at least occasionally, while more than half - 54 percent - would like this to be their primary way of working. A separate study from Instant Offices found that 73 per cent of employers consider working from home to be the ‘new norm’ while 65 per cent of UK workers say they are more productive at home compared to their regular offices.

But before companies rush to embrace video conferencing, they need to understand where potential risks might lie.  And it’s rarely as simple as clicking a link and joining a video. There needs to be careful consideration to ensure privacy and security for all users, and their data.  There are good reasons that laws and regulations like GDPR, CCPA and HIPAA exist.

Here are some key considerations:

Your customers’ data must be your #1 priority

You must understand how your chosen video conferencing provider manages your data so make sure that you familiarize yourself with their policies in this area.

Know what kinds of user data are being collected. This will probably include basic information submitted by users such as a username and email address to establish a video account. But there is also the data that’s collected in the background - most likely without the user even knowing about it. This will be things like IP addresses, device types, platform operating system and called/calling party video addresses. The collection of these types of data is all pretty routine, but this leads nicely on to my next point...

You need to be aware of what's being done with this information. There are certain things that are permissible. Using the data to enable the call itself is permissible, as is providing usage history to enable billing for example. However, it is not permissible to share the data with any unauthorized outside parties. Users of any video conferencing service should be confident that their not only data is private and secure, but should they wish to know they can ask the provider to tell them how they are using the data, where it is stored, how long it is stored for, and under what regulatory standards it handles such user data.

How is your data being handled? In addition to considering where it is stored, organizations must have a handle on who has access to the data. Even if the data is encrypted and not human-readable, there may be requirements that the data reside within a certain geography.

Security is everything

First, understand what level of security you need?  Catching up with your friends and family via HouseParty is a completely different ball-game to sensitive business negotiations.  Most organizations are going to need a secure communications channel - but how secure should it be, and to what standard?  For meetings where you cannot compromise on security ensure industry security protocols such as AES-128, AES-256, SSL and TLS are adhered to.

In addition to end to end encryption, consider other security tools such as waiting rooms that ensure only those invited can attend the call, which participants share content and the ability to eject unwanted participants.

Privacy and security critical

For many businesses, the first half of 2020 will be remembered as unusual, challenging but also transformational. Digital transformation has been a ‘must get on with’ process for CIOs the world over and indeed, many organizations are a significant way along this journey. The enforced work from home that we’ve just experienced has accelerated businesses’ need to equip teams with the tools to work effectively, efficiently, and securely. Today’s more-mobile workforce now requires greater, and more convenient, access to workplace collaboration tools than ever before - but privacy and security cannot be an afterthought - it must be built in.

Lockdown will leave a lasting digital legacy. The coronavirus has radically changed the way we live, work and communicate online, with millions of people using online video services for the first time. As the way we communicate evolves and people broaden their online horizons, we must ensure that people have a positive experience, and that they’re safe and protected.

Amit Walia, EVP Managing Partner, Compodium (opens in new tab)

Amit Walia is President, Products and Marketing at Informatica, based in California. He is passionate about data transforming businesses, government, and mankind.