By Jaime Zetterstrom Intrado | VP Information Technology – Fraud and CFCA Board Director
By 2025, an estimated 70% of the workforce will be working remotely at least five days a month. … as an engrained, supported, and normalized model” for employees. … of remote and on-site working, giving rise to a hybrid work model. ‘This Is the Future of Remote Work in 2021’ by Caroline Castrillon from Forbes Magazine. As a security professional these numbers used to scare me. Honestly, it was hard to advise people within an organization that we are all now responsible for security. COVID 19 sent employees home, to their home networks, and is now connected to their work infrastructure. We all hoped that it was through a VPN or some sort of authentication, especially since half of my neighborhood has the other half of the neighborhoods Wi-Fi passwords. These passwords were easy enough for the kindergarteners who now had to live stream class could remember them. It was a recipe for network compromise if there was ever to be an event.
By 2025, an estimated 70% of the workforce will be working remotely at least five days a month.
So many people began using collaboration tools to bring together web products, audio products and of course video products. People used products that had been around for ages and others that just seem to have popped on the scene. These same tools were broadcasted over the same internet connections that the household 5-year-old knew the password to. Were companies worried? Yes, yes they were. Instantly you saw companies’ collaboration tools become compromised. Media stories were picked up showing how random people were joining meetings they were not invited to. It sunk in that everyone is responsible for security. Everyone.
In the collaboration space you need to make sure that your tool has at least the following four features that you control. Meeting passwords, meeting lock, waiting room, and finally active talker/mute functions. Let’s break each of these down into what they are and how they help protect you, your company, and your company’s assets.
Meeting passwords should be set per meeting. Your meeting now takes place on a platform where millions of other meetings are taking place.
Meeting lock is an underused feature, but it does exactly what it says. It locks the meeting room door. No one else can join the meeting unless you as the host let them in. It’s suggested that a meeting lock goes in place as soon as you begin presenting and take your eye off the participant list. The collaboration tool should make it easy to know that someone is in your waiting room and wants to be admitted. The waiting room also protects people from joining a meeting you are hosting that is going over time, but you have another meeting scheduled for immediately after it. By locking your meeting, anyone who tries to join will be placed in the waiting room until you admit them.
Finally, let’s discuss the active talker and mute options. This is your meeting, but sometimes people assume that you know who is speaking. Your collaboration tool should clearly show the name of the person that is pulling the talk line. You should also be able to mute someone that may have stepped away to have a conversation with someone else in their home. Mute and active talker display lets you really control the audio needs within your meeting.
Some basic best practices of meeting security are meetings that cannot happen without a host. The host controls do not pass to another person without the consent of the host. Event details should never be posted on public calendars of events. All large events (more than 15 people) should be registration only and take place on a platform that only allows that event to start 15 mins before and extend 15 mins after the end time. Finally, the host should audit who is in their call, especially if people are in there twice.
A ‘security first’ mindset is the responsibility of everyone! Be aware of your organizational security best practices and comply with them. Ensure the collaboration tool you utilize has security components built into its infrastructure and product design. Familiarize yourself with the features within your collaboration solution as they could save your meeting and your company!
The only way to block someone from joining your meeting is a 7-digit to 10-digit code that is entered. If this meeting were to take place in person and someone who was not from your company wanted to attend, they would have to get into your building, get onto the floor, find the meeting room, and walk in. What are the chances of that? In the digital landscape, it takes a lot less to get into a meeting. By adding a meeting password to the meeting (that changes with every meeting), you make it that much harder for someone to join your meeting who was not invited. Those who were invited should have the information to join the meeting along with the meeting password. The collaboration tool you use should make it easy to share this information with those invited.