Video calls and virtual meetings help keep teams together when geography or circumstance keeps them apart. As we turn to using those tools exclusively during the Coronavirus pandemic, it’s essential to consider the threats to information security that cameras can create and address those issues before they become problems.
Intentional and unintentional eavesdropping can expose sensitive information to the wrong people. Whether it’s a staffer dropping in by accident or someone signing into a meeting without a headset in public, eavesdropping is a huge risk to information security.
Mitigate it by making sure that every staffer is using a headset or taking the meeting in a secure location. Use a waiting room between calls, greet or identify everyone on the call to make sure it’s the right person, then lock the call for added security. NIST offers some great tips to eliminate eavesdropping.
While it’s nice to see your coworker’s smiling face, what can they see on your desk? Video chat can expose sensitive details and data that can in turn be stolen or make its way to the Dark Web. Screenshots and recordings can also create vectors for information theft or a data breach.
Reduce the risk of privacy issues from video chat by making sure that proprietary information is not visible, turning off or controlling recording features in calls, and monitoring the Dark Web to find out right away if hackers have obtained sensitive information.
The biggest threat to information security in a video call is inadvertent exposure of login credentials or passwords, and not just for work systems. Password iteration and reuse is common. A staffer may know not to write down the password for their Office 365 login, but that sticky note with a Disney+ password that’s on their monitor can help cybercriminals crack it anyway.
Eliminate this problem by reminding everyone of the importance of password security. Change meeting room passcodes frequently, never write down a password or login, and strengthen your password system with two-factor authentication.