In view of the Covid-19 crisis, video conferencing tools like Zoom, Livestorm and others are experiencing dazzling success. However, the use of these collaborative work platforms raises questions.
Zoom allows these users to share files and record conversations. Which potentially means a data leak. It may be a question of documents containing information whose disclosure could infringe industrial and commercial secrecy, intellectual property or data subject to regulatory compliance.
As with any cloud-based application, securing data through video conferencing platforms like Zoom is about the behaviour of those users. Businesses should enforce security protocols that enable excellent collaboration while mitigating risky behaviour, such as:
- Restrict data visibility
- Control file movement
- Prevent unauthorized users from logging in.
Here are four steps to follow to secure your data when your employees use Zoom or Livestorm :
1. Keep an eye on Zoom access
Require that the tool used to be under a corporate license. If you’re using Zoom, make sure collaborators aren’t on free accounts.
Most video conferencing apps allow users to create a meeting ID. If you are in situations where your meetings have many participants, encourage your managers to create unique meeting IDs. It is essential to monitor remote login IDs.
2. Control access to Zoom meetings
It’s essential to ensure that meetings only include the people supposed to attend. To do this, make sure your collaborators are familiar with the basic features on Zoom, such as waiting rooms, video sharing, mute and unmute. Also, show them how to require passwords or when attending sensitive meetings.
3. Block recordings on Zoom
Most video conferencing apps allow users to record meetings. They also allow recordings to be saved to the cloud. This is the case with Zoom.
What do you do if a user chooses to save meeting recordings to their personal computer?
If you don’t have a policy, you can automatically restrict recordings using the file fingerprint. This system prevents certain types of files from being moved across a network to another device.
Pay attention to the transcription of meetings.
Users can receive audio transcripts of recorded meetings if you have this feature enabled.
4. Protect sensitive data
Whether your data is source code, technical specifications, or sensitive information belonging to customers or collaborators, it is essential to control the movements.
A data protection policy can be put in place to prohibit or restrict the movement of sensitive data in a chat (or block it altogether).
Zoom points of vigilance
The fact that Zoom requires a download to power meetings does not guarantee better control of different environments and network contexts. It can also prevent more people from joining meetings.
Livestorm, for example, works with a web browser. So there is no download required. Having something to download is generally not recommended in a B2B network setup.
Finally, Zoom doesn’t offer many report options. You cannot know who came to your meeting and learn the details of their commitment, the duration of their presence, etc.