Web Conference, security means protecting the privacy and integrity of your meeting and data; protecting hosts, participants. To ensure proper security there are two aspects. One aspect is technology used for web conferencing and the other is the organization security policy.
We did extensive research on all aspects of security issues of web conferencing and here is a simple but extremely effective list for your easy reference
1. Identify your participants and send them invitation before hand using secured mail services. If you are sharing conference security code, please mark your mail as “do not copy” which is a feature of most recognized mailing system like Lotus note.
2. If possible, have a small set up of web conferencing equipment inside your own DMZ area. The advantage of hosted model is that you can keep the information within your company’s IT infrastructure. You can use it for extremely sensitive meeting. In case of high demand, avail the services of conference call providers for less sensitive conference call.
3. It is highly recommended to use 128 bit encryption algorithm for HTTPS. Nobody can understand or alter by eavesdropping on the Internet if you use encryption algorithm. However, you have to pay extra if you want to use SSL (Secure Sockets Layer), of highest strength. You need to make trade off between cost and benefits based on risk assessment of the conference.
4. You should use cross platform technology for highest security. You need to check security of web conference client and browser side both.
5. Organization security policy should include followings:
a. Strict policy for userid and password management
b. You should not download sensitive document in conference call provider’s server. If you need to download it, delete it immediately after completion of meeting
c. Use soundproof room, so no body can overhear the discussion outside the conference room
d. Do not allow file transfer or use of instant messenger
e. Do not allow camera to record the session to the extent possible.