Working from home offers a huge benefit to employees. However, it can also be a huge headache for employers if not implemented correctly.
For large companies the goal is to increase cybersecurity, efficiency and recruitment of new highly-skilled employees. But smaller businesses and those that handle sensitive information have been much slower to adapt. If you’re in that group, or if you just want to find ways to keep your information safe as people jump in and out of online meetings, you are not alone.
So what are the best steps you can take to protect yourself? How can you set your employees and your business up for success while giving your people the freedom they need to feel appreciated and productive?
Here are some of the considerations that experts recommend setting up remote workers for teleconferencing and internet meetings for your team:
Enable Password Protection
This one sounds simple, but the number of people that leave meetings open for convenience might surprise you. Make sure that your meetings have both a meeting ID and a separate password or PIN. Just like you would with any of your devices or protected accounts, create a password that is not so easy to guess, such as “PASSWORD” or any consecutive string of numbers. When you send the meeting invitation, ask your attendees not to share the password with anyone other than the attendees that are supposed to be in the meeting.
Use a Unique Meeting ID
You can set up a personal meeting code or ID that will allow you to use the same ID for every meeting that you host, but that convenience comes with the tradeoff of being much less secure than using a unique ID every time. Most meeting software providers offer the ability to generate a unique access link for each meeting and you can even send invitations to participants directly from the meeting creation interface. The same principal goes for using an invitation instead of a personal room.
Use Waiting Room or Permissions Features
You’ve probably been in a meeting when you see a message pop up with some variation on the phrase “John Doe wants to join the meeting. Admit?” These features are designed to create an extra barrier of protection against unwanted attendees, because even after entering a password, the individual has to be approved by someone already in the meeting. This can be annoying for the person waiting to enter, especially if they aren’t noticed right away, but it’s a great way to add an extra layer of protection to your meetings.
Give People the Boot
If you suspect an attendee is in the meeting without permission, don’t be afraid to remove them from the session. If they are supposed to be in the meeting, you will likely hear about it, either from them or another attendee. This process will be a lot easier for you if you’ve made sure that all of your users have a screen name that at least partially resembles their real-life names. Seeing “John Smith” in a meeting inspires more confidence than seeing a funny or nonsensical username like “TeddyBear1234”, so make sure your staff knows best practices around usernames. It’s also just good professional meeting etiquette to have a grown-up username.
Don’t Share More Than Necessary
Screen sharing is a necessary part of video conferencing, because there’s no way to visualize concepts without it. Many meeting apps give users the ability to share just one application instead of the entire screen. This can help prevent unwanted access or viewing of information such as internal company URLs, browser tabs, passwords, and other data. The same goes for being careful of which screen or app gets shared. It’s a good idea to establish a list of approved apps and information that can be shared by people in the meeting to prevent unintentional oversharing.
On the other side of the sharing coin, make employees aware of the dangers of sharing company data or meeting screenshots on social media. Video calls can unintentionally show off a huge portion of workers’ home offices, which may lead to to unintended violations of privacy if shared in the wrong places.
Disable File Transfers
If someone makes it into your meeting without your permission, having the ability to upload or send files may make it easier for them to transfer malicious data to a legitimate attendee. People sometimes assume that, because a user is in the call, they are authorized to be there, which can be a dangerous thing.
Only Use Video as Necessary
If you don’t need to see everyone’s faces, don’t require camera usage. This will prevent any unwanted access to attendees’ cameras and can prevent bad actors from gaining the ability to social engineer their way into your company’s private business. Cutting video also reduces the bandwidth required to run a meeting, which may greatly improve the quality and stability of the call for all attendees. Many video conferencing platforms like WebEx, Google Meet, and Zoom work behind the scenes to optimize performance, but many people’s wi-fi still can’t keep up.
Keep Software Updated
This doesn’t just mean the meeting software, either. It’s important to keep your computer’s operating system as up to date as possible to help avoid malware and other attacks. Software companies constantly patch and update their products to fix vulnerabilities and other problems that can be exploited by bad actors.
Use Recording Features Sparingly
This is especially important if you discuss sensitive topics or trade secrets in your meetings but will go a long way toward keeping all of your information safer. Storing a recording after the meeting can make it quite a bit easier for an attacker to gain access to the information, even if they don’t make it into the meeting itself.
Once all of your expected participants have made their way into a meeting, lock the session to prevent anyone else from gaining access without your permission. Once the meeting has started, you may need to unlock and allow people to re-enter if their connections drop or other interruptions arise.
Limit Access Points
Popular meeting software like Zoom have mobile apps for smartphones and tablets, but that doesn’t mean that it’s a good idea to let attendees access from any device. If your company issues equipment, it’s a good idea to require that people use those items to access company-hosted meetings. Personal devices can be compromised in a number of ways, and may not offer the same levels of security that a company laptop or other device might.
Limit Meeting Rights
You don’t share access to all of your company’s information to all employees, and the ability to start a meeting should be no different. Limit the ability to start or run a meeting to only the people who need it. This will help you control the flow of information and narrow down the source of a breach, should one happen.
Train Your Employees
Even if they don’t have the ability to start or run a meeting, you’ll still need to cover the basics of etiquette and safety in your company’s meetings. This can include things like keeping video cameras off until absolutely necessary, muting microphones until needing to speak, how to enter and leave the meetings, and more.
On the security side, this can help prevent people from clicking on a malicious link or letting an unknown attendee make their way into the meeting. It’s important that everyone is on the same page with best practices and acceptable conduct.
No solution is going to be 100 percent effective, but by taking steps to make sure everyone understands the ground rules and to make them aware of the threats that exist in the world of online meetings, you can help protect your company and your employees.