The rise of video conferencing during Covid-19 crisis
A blessing in these uncertain times of social distancing is the ability to stay in touch with family, colleagues and clients through video conferencing apps. According to the latest from App Annie, a mobile market data and analytics platform, due to Covid-19, business conferencing apps have experienced record growth as they reached 62 million downloads during the third week of March 2020.
There are different tools that are helping organisations to continue to run their business from home. A survey conducted by Owl Labs concluded that 89% of companies use multiple video conferencing platforms, and on average a company regularly switches among several conferencing solutions. At present most of these platforms are cloud-based systems, as they are more affordable in terms of costs and they can be used by a group of individuals from different organisations.
However, when choosing a platform, we should be aware of privacy and security related risks.
Video conferencing apps in the spotlight
Recently there have been privacy concerns related to two app providers, Zoom and HouseParty. The first one is used by organisations all over the world and it is facing now significant challenges in terms of data protection and cybersecurity, especially since the New York's Attorney General has questioned whether user's privacy is sufficiently protected. In fact, numerous users have claimed about the "Zoombombing" phenomenon, which consists of uninvited users joining private conference rooms to disturb the participants. Consequently, Zoom has publicly apologised about the platform's issues and has promised that they will work over the next coming weeks to make it right.
HouseParty has also been under scrutiny, as the security levels of the app have been questioned since some media published that numerous users claimed their data was used to access their accounts on other apps such as Spotify and their emails and bank accounts had been hacked. However, HouseParty stated that there is no evidence of their systems being affected by any data breach. So, it will be necessary to keep an eye out to see how these cases evolve.
At a glance, the fact that these tools are easy to use, makes it seem as if no risks could be in place, but we should be aware that the simple fact that a camera is recording us can already pose a risk, especially in terms of protecting our personal data, such as our image and voice. Therefore, it is very important to reinforce security measures in order to avoid security breaches or identity fraud.
Actions that can lead to risks when using this type of platforms
Some common mistakes that can put your privacy rights at risks include:
- Not turning off the web camera when the system is not in use and not turning off the microphones after finishing the video conference.
- Making the directories public.
- Not using passwords to protect the system without preventing unauthorized users from accessing them.
In this regard, it is very important to protect through encryption protocols and passwords, among others, the video conferencing in meeting rooms and audio. In addition, video conferences which are stored in the cloud should be also encrypted and with restricted access. It is important to ensure that those third-party organisations we engage with, guarantee all kind of protection against cyber-attacks.
How to mitigate these risks
It seems difficult to eliminate all technology related risks. However, every effort should be made to try to mitigate them as much as possible. Below are some tips every organisation should follow when using video conferencing platforms to avoid potential data breaches:
- Do not establish communications with strangers or those who are not on our contact list;
- Verify the identity of new contacts by other means, especially when we are going to start a video conference with them for the first time;
- Do not use user profiles without secure password authentication;
- Keep the software of the videoconferencing systems updated;
- Disable desktop sharing and video reception by default;
- Use private rather than publicly accessible conference rooms in the video platform; and
- Make sure you have Data Protection, Incident Management and Disaster Recovery policies in place.
Helpfully, the Irish Commissioner has issued a list of tips for video conferencing, which includes recommendations for users and companies.
Covid-19 has made us more dependent on video conferencing systems as they can help organisations to run their business smoothly, but companies need to make sure they are handling data protection and information security properly. By protecting the safety and confidentiality of their information, organisations are not only mitigating potential risks, but also protecting their clients, employees and reputation.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.