Amit Walia, CRO at Compodium, looks at the security risks of business video conferencing.
The changes businesses have made to ensure business continuity during the COVID-19 pandemic mean that distributed, remote workforces are now commonplace in every country around the world. While remote – or certainly flexible – working was already gaining popularity, in most industries the pandemic has catapulted organisations years forward in terms of both working practices and technology. Video conferencing is now ubiquitous. Indeed, the ability to communicate with customers, colleagues, clients – even patients – using video conferencing platforms offered many organisations a practical lifeline in 2020.
Authenticity in an era of digital meetings
The year has been a turning point for video conferencing. No longer an occasional tool or ‘nice to have’ – video conferencing platforms are now a staple component of most organisations’ wider IT toolset. This shift has seen a new take on authenticity – how to be (or at least appear) authentic in a business video meeting. What to wear (hint: ditch the stripes), how you should think about lighting, what background to choose – all questions most people had not considered in a previous era of occasional video calls. Indeed, with limited research on the subject, Harvard Business Review set out to answer these questions once and for all in March 2020 with its own research.
However, while the right lighting, shirt pattern and background colour may help someone seem more authentic on a video call – how can you be sure that the person you are talking to is indeed who they say they are? For many businesses now using video conferencing as a primary communication tool, meetings can contain commercially sensitive, confidential and at times even regulated information – from personally identifiable information (PII) to payment card industry (PCI) regulated data. Whether it’s a new client, customer, or a first-time meeting with a partner or other third-party organisation, the ability to guarantee you are discussing the right information with the right person over video is now paramount.
This question might seem odd – after all, how often would you ask someone for ID if you meet them in person? However, outside of the confines of virtual communication, impersonation becomes far harder. People are indeed asked to verify their identity regularly – for example when entering an office building – and the nature of in-person meetings means there are many more safeguards in place against sensitive data loss.
Privacy and security built-in
The question of digital authentication is part of the wider security concerns brought to light in the rapid and widespread adoption of video conferencing. Controversies over encryption levels and the practice of “Zoombombing” – where strangers intrude on others’ meetings – have been some of the most widely reported this year. Intruders have been known to listen in on video calls without anyone knowing they’re there. Others have completely disrupted meetings in ways that threaten the business in its entirety, integrity as well as confidential information. A prime example in one high-profile case saw pranksters intruding on a court hearing of a man accused of July’s Twitter hack.
As the conversation around the wider security of video meetings has grown louder, Zoom announced it would backtrack on previous refusals to provide end-to-end encryption to free users of the service. This was a major victory for the activists and civil liberties organisations campaigning for privacy and digital protection – data transmission is one of the most vulnerable areas of video communication. Ensuring a comprehensive level of security for those taking part in digital conversations is now vital. During a video conversation, data travels over multiple networks – both public and private – and end-to-end encryption is the foundation of protecting this data in transit.
End-to-end encryption – which is vital for privacy and security and will now soon be available via even the most basic video conferencing solutions – is not enough to meet the high standards many businesses require. Instead, authentication is the key to ensuring the growing adoption of video conferencing meets the same high standards delivered to clients, customers or partners in-person.
Authentication provides a double layer of trust, ensuring both parties can be confident that they are speaking to the right person within an entirely confidential virtual space. Only by ensuring video conversations are both end-to-end encrypted and authenticated can businesses provide the highest levels of privacy and security. This ensures the identity of every conference participant is fully authenticated before the conference is initiated.
Securing the digital future
The video conferencing authentication process is simple, but hugely effective. It represents the first step in a more digital, video-driven future for businesses. For many, 2020 will be remembered as a year of change – extraordinary, challenging but also transformational. Digital transformation has been the key driver for CIOs and business leaders – to ensure business continuity, agility and continued commercial success in a fundamentally changed world. Equipping teams with the tools to work effectively and efficiently from any location has been crucial – but business leaders must ensure that this doesn’t come at the cost of security.
Privacy and security must be built into the digital future. Businesses need to ensure they are laying the right foundations for continued innovation. Without question, video conferencing and digital meetings will continue to play a significant role for businesses in 2021. Ensuring security and privacy are at the heart of this will be crucial.