With people worldwide forced to work from home due to the coronavirus epidemic, NIST and DHS published a series of recommendations on how to ensure that virtual meetings and connections to enterprise networks are protected from prying eyes.
Conference calls and web meetings have long been part of modern work, as they play a vital role in ensuring the necessary communication with remote workers (teleworkers).
The security of virtual meetings might often be an afterthought, but basic precautions can ensure that they don’t lead to data breaches or other security incidents, says Jeff Greene, director of the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST).
Most virtual meeting services have built-in security features, but following an organization’s policies for virtual meeting security should ensure strong protection. Organizations should also consider limiting the reuse of access codes, using one-time PINs or meeting identifier codes, and adopting multi-factor authentication.
Additionally, Greene encourages the use of a “green room” or “waiting room,” enabling notification when attendees join in, using a dashboard to monitor attendees, recording of the meeting only when necessary, and disabling features that are not required, such as chat or file sharing.
Furthermore, attendees should be instructed to make sure that no sensitive information is inadvertently disclosed during the meeting when sharing their screens.
He also underlines that, when sharing highly sensitive information, additional steps should be considered, such as the use of approved virtual meeting services only and of unique PINs or passwords for each attendee, a dashboard feature, locking the call once all attendees are online, encrypting recordings, and conducting web meetings on organization-issued devices only.
Support the originator by clicking the read the rest link below.
