Video conferencing best practices

Home » Video conferencing best practices

There have been several reports nationally about video conferences being disrupted by individuals transmitting hate speech, profanity and pornographic material. Please see recommendations below to mitigate these security risks.

Also, a reminder: Do not click on emails where you don't know the sender, email has inconsistencies with grammar and/or spelling, or contain a web link you're unfamiliar with.

Zoom

  • Record with care: Only record if you plan to use the material later. Do not have the automatic record feature enabled. 
  • Create private meetings: The meeting manager can require use of a password, or create a waiting room and admit participants individually. Close the meeting to new participants after everyone has arrived by choosing the Lock Meeting option.
  • Invitations: Email or text invites directly to participants. Do not share on social media.
  • Screen sharing: Change the screen sharing options to “Host Only” to prevent others from sharing video.
  • Mute options: The host can disable video and mute audio for participants. Text chat also can be disabled.
  • Blocking uninvited guests: Uninvited participants can be ejected by putting the mouse over that name and choosing the Remove option. They can also be blocked from rejoining.
  • Updated software: Make sure you have the most recent update to ensure you have the latest security features. This is true for all software on your computer.
  • Sign in directly instead of going through another account. This limits personal data Zoom has access to.
  • Disable file transfer if this feature is not required. Same for annotation if it is not needed.

WebEx Best Practices:

  • Auto Lock Personal Room for secure meetings: Set your Personal Room to automatically lock when your meeting starts. CISCO recommends locking your room at 0 minutes. From the Classic View, this can be done from My Webex > Preferences > My Personal Room on your Webex site. From Modern View, go to Preferences > My Personal Room. This is essentially the same as locking your room when you enter it.
  • Personal Room Notifications Before a Meeting: When users enter your lobby, they can send an email notification that they are waiting for a meeting to begin. Unauthorized users that gain access to your Personal Room lobby can also end notifications. CISCO recommends reviewing email notifications before starting a meeting to screen unauthorized attendees. If you have not autolocked your Personal Room at zero minutes, then all attendees waiting in your Personal Room lobby enter the meeting when you do. Review the participant list and expel any unauthorized attendees.
  • Schedule Unlisted Meetings: To enhance meeting security settings, hosts can opt not to list the meeting on the meeting calendar. To not list the meeting from the Schedule a Meeting page, uncheck Listed on public calendar to help prevent unauthorized access to the meeting and hide information about the meeting, such as its host, topic, and starting time. Choose a level of security based on the meeting's purpose. For example, if you schedule a meeting to discuss your company picnic, you can set only a password for the meeting. If you schedule a meeting in which you will discuss sensitive financial data, you may not want to list the meeting on the meeting calendar. You may also choose to restrict access to the meeting once all attendees have joined.
  • Secure Meeting with Complex Password: Under most circumstances, protecting all meetings with a strong password is highly recommended. Passwords protect against unauthorized attendance because only users with access to the password can join the meeting. Do not reuse passwords for meetings.
  • Exclude Meeting Password from Invitations: If you check Exclude password from email invitation when you schedule a meeting, the password will not appear in the invitation. You must provide the password to attendees by another means, such as by phone. For highly sensitive meetings, exclude the meeting password from the invitation email. This prevents unauthorized access to meeting details if the invitation email message is forwarded to an unintended recipient.
  • Assign an alternate host to start and control the meeting: This keeps meeting more secure by eliminating the possibility that the host role will be assigned to an unexpected, or unauthorized, attendee, in case you inadvertently lose your connection to the meeting. One or more alternate hosts can be chosen when scheduling a meeting. An alternate host can start the meeting and act as the host. The alternate host must have a user account on your Webex Meetings website.
  • Use Entry or Exit Tone or Announce Name Feature: Using this feature prevents someone from joining the audio portion of your meeting without your knowledge. This feature is enabled by default for Webex Meetings and Webex Training. 
  • Lock the meeting once all attendees have joined the meeting: This will prevent additional attendees from joining. Hosts can lock/unlock the meeting at any time while the session is in progress.
  • Expel Attendees at any time during a meeting: Select the name of the attendee whom you want to remove, then select Participant > Expel.
  • Share an Application instead of sharing your Screen: This will prevent accidental exposure of sensitive information on your screen. Ex. Microsoft Office products, Web browsers, etc.
  • Set password for your recordings before sharing them: This will help keep the recording secure. Password-protected recordings require recipients to have the password in order to view them. Also, delete recordings after they are no longer relevant.
  • Create a Host Audio PIN: Your PIN is the last level of protection for prevention of unauthorized access to your personal conferencing account. Should a person gain unauthorized access to the host access code for a Personal Conference Meeting (PCN Meeting), the conference cannot be started without the Audio PIN. Protect your Audio PIN and do not share it.