video chiamate e sicurezza

Cyber security and conference calls

How to make the combination of computer security and video conference work?

In times when video calls are becoming increasingly popular, have you ever thought about how many implications and consequences it may have on your personal and/or corporate computer security?

Carried out from home or from the office, with the personal PC or with that business, video calls and videoconferences can hide numerous pitfalls for your privacy, both as a private subject and as an employee inserted in a company or as its owner or manager.

In conclusion, video conferencing and video calling can be a preferential path for cyber criminals and hackers, opened by yourself and that leads straight to your content and those of your company, whether they are more or less sensitive.

Right now, the working environment is evolving in an increasingly smart way and the smart working and video conference apps are becoming increasingly popular among companies.

A world of work that becomes more and more technological every day and that sees meetings take place even remotely and without the need of presence in the office, unlike what happened in the traditional work to which we have always been accustomed.

No presence in the office in fixed times, neither meetings in meeting rooms nor papers and sheets that fly from one office to another.

To date, the digital transformation of the working environment is a process that’s still in progress, but certainly already started in many realities.
Of course, in private, the ability to connect remotely with friends and relatives has many positive aspects, such as being able to stay in contact and see each other even at a distance of miles and from different cities and countries.
At the same time, smart working and the ability to connect and attend a meeting remotely is something that makes life easier for many, that allows you to perfectly combine the need for work with those family and that has also brought better results in terms of efficiency and productivity, with an increase in the quality of work.
However, it cannot be denied that these innovative systems also conceal problems related to possible breaches of security and privacy.
It’s just recently, in fact, the news of a data breach that has affected the Zoom app, one of the most popular and used for video conferences, and that has led thousands of users to lose their data.

So, how to protect yourself from the risk that a cyber criminal or hacker will sneak into your system and access your sensitive data using the door left ajar by these apps?

Cyber security: how to defend yourself from unsafe apps

Check the Basic Set

Most of the apps designed for video calls, conference calls and webinars are engineered to be rapid and intuitive to use, nevertheless, this simplicity makes them prone to many security issues.

That’s why is always good to set the security settings in advance, so that you can make and receive calls without any concern.

An example of what could happen is related to frequent episodes happened on Zoom and that started the so called “Zoombombing” phenomenon: indeed, it happened in many occasions that some strangers came in video conference and did inappropriate things to the work meeting.

But beyond funny episodes like these, it is clear that would be a serious problem the hypothesis of a stranger who enters a corporate videoconference, even without doing anything striking and just listening. Similar problems were also encountered in Whereby.

In order to avoid this kind of problem, you can act on the settings of the individual app.

For instance, Zoom, like Whereby and other apps, give the possibility to choose who can broadcast audio and video, and who can’t, by changing the Basic Set, which would, otherwise, permit anyone to do so. Moreover, the platform has recently introduced some password protected “rooms”, that allows to access to the meeting only if you have the access code.

Pay attention to recordings

Many apps that are designed for video calls give the possibility to record the video conference, in order to use it later, sharing it or creating a webinar.

However, it may be that the recording device isn’t safe and that might be tapped.

That’s the reason why it is important to install an anti-virus and a VPN on the PC, and set a two-factor authentication on the mobile devices on which the recording will be downloaded.

Keep an eye on microphones

It may seem overzealous, however, it’s worth saying: turn off the smart speakers or at least their microphones, if you’re working from home in smart working.
In this way, you won’t activate them by accident during a work meeting.

Moreover, smart speakers send short audio clips to their manufactures, such as Amazon, Apple or Google and the employees of these companies listen to them in order to verify the accuracy of the devices answers given: you will understand that it is not possible to leak work information, so the advice to turn off smart speakers during a meeting in video conference is really essential.

Attention to the surroundings

Remember that when you are in a videocall, it’s important to check the general frame.

If you are engaged in a work call, then you are definitely talking to a colleague, a supplier, a customer or maybe your boss, so what will appear behind your back or in the general frame should be nothing that you would not take with you to the office.

The same measures must be adopted if you have to share your screen with your interlocutor: personal photos, inappropriate content for a work environment should be avoided!

Apps for video conferences

If you’re looking for apps for your videocalls and video conferences, here are some of them that could be useful for you:

  • Facetime;
  • Duo;
  • WhatsApp;
  • Skype;
  • Zoom;
  • Facebook Rooms;
  • Houseparty;
  • Hangouts;
  • Teams;
  • Messenger;
  • Instagram.

Zoom’s data breach

As already mentioned, in recent months we have witnessed a data breach of users of Zoom, which revealed a significant flaw within this platform.
The prblem has been promptly resolved and by updating the app you can protect yourself from any risks.
However, the weakness has been exposed and Zoom revealed its weak points.
First of all is the encryption used to protect connections: in fact, this uses an AES mode, the ECB, not recommended because it facilitates cryptanalysis.
We talk about end-to-end encryption, but it is not what we mean in the common sense, that is, between one participant and another, but an encryption between one participant and the Zoom servers, which generate and distribute the access keys.

In addition, RTP stream encryption is performed with a proprietary algorithm.

It is clear that the confidentiality of connections is dubious at this point, as Zoom’s servers act as proxy/relay and can, therefore, decipher traffic.
Another downside is the discovery that the traffic of calls made in North America was mistakenly filmed on backup datacenters in China, where the government has full power over communications.
This is a mistake now corrected by Zoom, but which has given rise to much controversy.

In short, pay attention when you intend to use an app for video calls or videoconferences and, above all, always update them, so as to resolve any flaws that may arise.

Share on facebook
Share on twitter
Share on linkedin
Share on email


Crypty Secure

Crypty Secure

Azienda leader nella sicurezza delle comunicazioni.

Post più letti










Ricevi info e news sul mondo della sicurezza delle comunicazioni