4 min read
Best practices for secure video meetings
May 6, 2020
Unless you’re hiding under a heavy rock, you’ve seen articles lately on Zoom security issues, outlining the video conferencing vulnerabilities people can exploit. Secure video meetings have become a huge topic across countless industries.
At OnceHub, we designed our native Zoom integration, along with our native Google Meet, GoToMeeting, and WebEx integrations, with security at the forefront of our minds.
We’ve also talked with thousands of OnceHub users who book secure video meetings every day through us. Throughout the years, we’ve learned a lot from them about their best practices and we’re ready to share them with you.
In a nutshell, it comes down to these four principles:
- A unique meeting ID and link for every session
- A password for every session
- If available to your plan, use the waiting room
- Educate your team members before they go live
A unique meeting ID and link for every session
If you’re used to offering a static link, like www.myvideoapp.com/mylink, break that habit fast. It may be simpler to use the same customized meeting link to everyone meeting with you, but that opens a huge vulnerability for uninvited guests. Each session needs its own meeting created, with its own meeting ID.
If you’re using ScheduleOnce’s native integration with Zoom, GoToMeeting, or WebEx, there’s no need to waste time signing into your video conferencing app, creating the meeting, and sending a separate email with the conferencing information. When a customer books with you, ScheduleOnce automatically creates a meeting in your connected video conferencing app and includes all conferencing information in the booking confirmation notification.
Note: Once you have a unique meeting ID, be sure only to share the conferencing information with those you want to join. Many make the mistake of including a joining link on publicly available posters or websites. This increases the risk of an insecure meeting.
A password for every session
Some hackers can use technology to guess unique meeting IDs or may take advantage of publicly-posted information. Make sure anyone joining your session also receives a meeting password and don’t advertise it anywhere except among authorized attendees. This gives an additional measure of security, creating another barrier for uninvited guests.
With ScheduleOnce’s native integration, you can define a password that ScheduleOnce adds to your meetings and all conferencing information provided in notifications. We recommend you update this defined password on a regular basis to maintain secure video meetings over time.
Use the waiting room for the most secure video meetings
If a waiting room feature is available for your plan, be sure to turn it on. This allows you to authorize individuals before they’re able to access your meeting. Uninvited guests may have guessed your link or password, but they still won’t be able to join your session without your express permission.
If you have many people joining, we recommend defining an additional co-host to watch the waiting room notifications and grant people access.
Educate your team members before they go live
Be sure not to skip a dry run for each team member giving meetings. That dry run is one of the most important steps helping them maintain professionalism in their video meetings. Especially if they’ve not used the video conferencing app much, there’s a learning curve they’ll need to adjust to in order to feel comfortable leading their session.
They should have a high awareness of all their available features. Notable settings that help them control the experience include:
- Waiting room features
- Chat features, including disabling private chat
- Muting participants
- Disabling video
- Turning off annotation
- Managing screen sharing of fellow attendees
- Removing participants
If they’ll be occupied with meeting content and a number of people will be present, it may be worth having another person from your organization join. The team member leading the meeting can designate this additional team member as a co-host. The co-host can control the above listed features while the original host leads the meeting.
Team members should also ensure they’ve downloaded the correct software version before their session and join a few minutes early, just in case they encounter technical difficulties. These can be challenging to predict, so their best bet is always to join four or five minutes early, so they can address any unexpected issues.
With a strong handle on the features available to them, they’ll be able to lead the session with authority and be prepared to shut down any unanticipated security issues that come their way. For most sessions, they won’t need to use this knowledge, but everyone (except the uninvited guests) will be grateful they’re ready if a security breach occurs.