Skip to content

Key considerations for cybersecurity when using video conferencing

Cybersecurity risks with video conferencing

It’s no exaggeration to say that the security of our systems and data is fundamental to people’s everyday business and personal safety. We rely on secure connectivity to run hospitals and airports, to access our money, to manage our governments, and even to operate our cars. 

Here, we discuss the key considerations for cybersecurity when using video conferencing technology.

 

 

Why is cybersecurity so important now? 

Cybersecurity breaches are up globally, meaning that consciousness around cybersecurity is also on the rise. Even before the Covid-19 pandemic, the majority of business leaders felt their cybersecurity risks were increasing. In the first half of 2020, data breaches exposed 36 billion records in the U.S. Some figures show more than 90% of healthcare organizations have experienced at least one security breach in the past three years.  

There is also a huge economic cost when businesses fail to properly secure data. The average cost to a business of a data breach is US$3.86 million and cybercrime as a whole is expected to cost the global economy $10.5 trillion by 2025. 

Critical to note is that personal data is involved in more than half of all breaches. This is important for organizations who are handling the sensitive data of the clients, customers, patients, and citizens who they engage with through digital channels. These kinds of data breaches can lead to lawsuits, fines, loss of customer and market trust, and even criminal consequences.

 

critical_meetings_government-5-participants-web-1

What are the most important data security considerations when it comes to video conferencing?  

Today, we are increasingly relying on video conferencing and video-based customer engagement at the same time as cybersecurity breaches are on the rise. This means that the risks (especially to certain industries like government and financial services) are becoming more severe. At the same time, the pandemic has shown us the vast benefits of video-enabled collaboration. 

According to Pexip’s 2021 Global Report, 71% of business leaders in large enterprises now use video conferencing daily, and we know that hybrid and virtual meetings are here to stay. So how do you protect your organization from the threat of cyber attacks?

First, it’s important to know your risks, and these risks will be different depending on your industry, the types of meetings or and interactions you have, and the types of users you’re engaging with. Having your service compromised may be more or less significant depending on different scenarios. A whole portion of your workforce could be cut off, sensitive client data could be shared, or, in a worst case scenario, classified military or intelligence data could be compromised.

 

critical-meetings-1In our focus on secure meetings and classified communications, we have identified some specific types of meeting security that can be especially harmful if breached:

1. Intellectual property discussions involving patents, design, development, and other sensitive or business-critical information.

2. Call logs and records that show patterns and frequency of internal, intercompany, or inter-agency meetings. This kind of call data can signal or reveal confidential business dealings such as mergers and acquisitions in the private sector, or could jeopardize confidential intelligence related to call participant records or meeting patterns in government or military use cases.

3. Disruption in a meeting from unwelcome attendees when highly confidential content is being discussed or shared. In the government use case, this kind of breach could threaten national security or make your organization more vulnerable to espionage operations. 

Without widespread or standardized policy for video conferencing, businesses and organizations must rely on the products themselves to offer appropriate security for their use case. The simple solution? They need to work with a trusted vendor.  

 

Why a trusted third-party provider should be part of your cybersecurity plan 

At Pexip we planned ahead, years before these types of vulnerabilities became a critical concern. We started with a very conscious decision from day one: we wanted to give our customers the opportunity to control their level of exposure. If they wanted to host their own server in their own data center or even their own room, they would be able to. 

Our vision was always that the world would arrive at where it is now: people and organizations using video every day to enable connections, share information, and make meetings more accessible to workers and customers everywhere. We were conscious of the security measures needed to handle that, which is why we started to put them in place from the beginning. 

No other video conferencing business does what we do to protect our customers’ data privacy. Pexip is the only platform that can be self-hosted and bypass the open internet. Without a connection to the internet, data is protected from interception and breaches. 

If you haven’t factored cybersecurity into your strategic planning, this might sound intimidating, or even high-risk. But with the right tools and policies in place, video conferencing becomes a powerful and trusted tool. 

 

It's not too late to get it right

The rapid acceleration towards remote and hybrid models of working pushed many large organizations, even those with many high-stakes meetings, to use cloud-based platforms susceptible to cyber-attacks, exposing billions of people to breaches.

Most video conferencing tools use centralized data warehousing. Everything you do on these platforms goes to a centralized cloud environment. Now, in theory, that means it is easy for you to access from any device or return to later, but we know that any Cloud service that is connected to the internet is also a potential target. 

The truth is that there is still a frightening amount of faith put in free tools and even hyperscale providers. Ownership of video solutions is essential for enterprise visibility and control over data, whether those solutions involve hardware, software or both. 

But for most organizations, flexibility is equally important. New ways of thinking about collaboration are needed to ensure security in high-stakes government interactions and enable confidence and growth in enterprise business. The choice to use video conferencing is no longer reactive, and organizations have many choices.

Now is the time to stop using quick-fix solutions, and choose a provider that allows you to ensure the highest level of cybersecurity in your organization.

 

 

Learn more about Secure Spaces by Pexip, and our unique approach to privacy and security.

 

Geir Arne Sandbakken;Information Security Director
Geir Arne Sandbakken
Information Security Director
Geir Arne is Information Security Director at Pexip and has been building video communication systems for more than 20 years. He has a passion for operational security, network protocols, and secure real-time media systems.

Pexip Blog

Subscribe to our blog for the latest company news, product updates and upcoming events.