Security Concerns with Video Conferencing

By Sheila Shanker
Updated: April 08, 2011

Many firms have been taking advantage of technology to conduct videoconferencing using Internet protocols (IP) these days. They can communicate in real-time with offices and clients in remote locations, saving a lot in travel expenses. However, there are certain security risks associated with videoconferencing that must be addressed.

In order to work properly, a video conferencing program must interact with other systems within your network, which can introduce security risks. Using encryption between the video setup and the rest of your network helps in minimizing any possible problem. Any browser interfaces should use SSL security.

Password-protect your meetings and give access to only those with appropriate login information. You could set up a list of participants to the meeting, and only those individuals have access to join in. The same level of care should be taken as to who can record meetings.

Using a hosted video conferencing, which uses a third party for communications, is riskier than on-premise system. Why? Because it exposes the firm to individuals who are not part of the business. This means that you must inquire about security with your hosting firm to assure that your privacy is protected.

Security threats involve the possibility of someone hacking the video conference with “denial of service” attacks, viruses, and other issues involving buffer overflow and other matters. You could consider a “session border controller” instead of your regular firewall because the controller is designed for media flows and can be used as a filter and manager between the enterprise network and the outside world.

Below is a summary of threat types and ways to control them:

  • Threats against the end-points and serves can be controlled with a public key infrastructure, also known as a PKI.
  • Threats against the control channel can be managed with the SIP/TLS encryption of signaling.
  • Threats regarding spying or modification are handled by SRTP media encryption.
  • Threats involving the SIP trunking, which is used to connect the Internet to the internal PBX, can be handled by requiring mutual authentication of all the devices in the trunk. It’s suggested to end the SIP trunks on a SIP proxy, such as a Sub-band coding (SBC).

Video conferencing is a great tool to conduct meetings, while saving a ton in travel costs. However, concerns about security with video conferences are legitimate and should be taken seriously. As technology progresses, so do security risks. Encryption and password-protection should be your first line of defense to be employed whenever possible. Be careful, but don't let your security concerns prevent you from taking part of this exciting Internet functionality.

Featured Research
  • The Benefits of Desktop Video Conferencing VS. Conference Room

    If you are holding on to the idea that meetings have to be held in a conference room, it’s time for you to reconsider. more

  • How Video Conferencing is Reshaping Education

    Video conferencing is quickly transforming education.Consider the fact that it removes educational barriers while simultaneously improving the quality of remote learning opportunities. These points alone are exciting, but the benefits of video conferencing don’t stop there. more

  • How Video Conferencing is Transforming Healthcare

    The telemedicine revolution is finally happening. Experts have been discussing the potential for patients and healthcare providers to connect remotely for years, but the market is just now moving to adopt it—in a big way. Data suggests this market will grow over 14% annually through 2020! more

  • Video Conferencing Software Cost Guide

    The benefits of video conferencing are well established. Investments usually deliver a great ROI thanks to increased worker productivity, reduced travel costs, and better collaborations. more

  • The IT Manager Who Shattered Shadow IT

    Shadow IT has become a household (or office-hold) name in today’s modern businesses, but what a lot of organizations don’t realize is the number of risks involved in ignoring those rogue technology installations. The average large enterprise uses around 1,220 individual cloud services, which is more than 13 times the 91 services recognized by IT departments. more