Security Applications Of Videoconferencing

Jason Cox asked:

Videoconferencing has opened up the world to our desktops. Unfortunately, it has also exposed our desktops and networks to things other than the intended web meeting. Videoconferencing at its best enables improved communication and faster project turn-around. At its worst, it Turns a workplace into a video surveillance system.

Security applications of videoconferencing have become more necessary than ever.

It is important to understand videoconferencing security. In order to secure a videoconference, the key areas of data storage, data radiation, and data encryption must be considered.

The information shared during a videoconference usually contains some sensitive or classified information. Those attending the conference can store data for future access, presenting a certain security risk. PC-based videoconferencing systems that run on PC operating systems use standard hardware.

Since these systems include internal hard drives and plug-and-play connectivity, additional steps must be taken to secure these systems. Specifically, the systems must be equipped with a removable hard drive. In addition, two different hard drives must be used; one for secure calls and one for other calls. The hard drive used for secure calls should be kept in an approved safe location. Because of the cost and inconvenience of securing PC-based videoconferencing systems, they are not very well suited for security sensitive use.

Appliance videoconferencing systems are not based on a PC platform and typically do not utilize standard PC-based hardware or software. They are usually custom designed and manufactured to provide only specific functions. Storage capabilities are usually limited to storing address info, usage data, and configuration settings. Appliance based videoconferencing systems are best suited for secure videoconferencing.

Any conferencing equipment can electrically radiate confidential information. Data shared during a videoconference is susceptible to monitoring by unauthorized personnel. Studies have shown that signals from a video monitor can be picked up as far as a half mile away. The U.S. government has recently issued the National Strategy to Secure Cyberspace, which outlines security recommendations for corporations.

Other vulnerabilities have been discovered in videoconferencing products. One glitch allows unauthorized individuals to gather information about the device, retrieve files, crash the device, or monitor videoconferences. Product lines, can be used to secure your system by denying transmission requests from unauthorized users.

Another major security issue with many videoconferencing systems is that the password protecting the remote management features is passed from the remote management console across the Internet to the videoconference system without the use of a secure protocol.

Any potential hacker monitoring the connection is able to retrieve the password to gain access to remote management controls. With many of the newer videoconference systems able to stream video over the Internet, the attacker can then forward unencrypted videoconferences to any number of anonymous destinations across the Internet. Experts recommend protecting videoconferencing systems with a gateway product that can provide packet filtering, encryption and certificate-based authentication.

It is important to remember that Internet data, including that used for videoconferences, may go through dozens of routers. By adhering to the following protocols, you can keep your system safe and secure.

It is important to keep informed of security exploits and download security patches from the manufacturers of videoconferencing equipment as they become available.

Videoconferencing users need to supplement basic password protection with a stronger level of security. Some online meeting systems identify users by a username and password. Guessing passwords can be very easy to do, sometimes. Make sure the password system is secure, and know who has access to passwords.

When data transfers are taking place, it is important to secure that transmission. Most online transactions are now using Secure Socket Layer (SSL), a protocol designed for secure online communication. Online meeting service providers generally use SSL. Look for the padlock icon on the toolbar at the bottom of the web browser to ensure protection.

Consider scrambling or encryption of data to provide another layer of security. Modern encryption methods are difficult to break. By using such strong methods to scramble files before they are stored protects data even before it arrives to another server. Any business or organization should have a core policy for security issues. Closely examine and periodically evaluate security policies. When selecting an online meeting business, examine the companys privacy statement.

You may also like...