Monday, June 2, 2008

Conference Call Security

Writen by Richard Rojas

Every business is concerned with security or at least should be. This is especially true when using the Internet. Protecting networks, computers, email, and software applications from the ever-present threat of virus and worm infection is part and parcel of doing business in a connected world.

And of course it goes without saying that physical security such as door locks, access codes and security badges are standard operating procedures at all organizations that take themselves seriously.

The passage of the Sarbanes-Oxley Act of 2002 has made such security and auditing procedures a requirement for anyone doing business. However, an area where many organizations let their guard down is with conference call security.

Would you let your key competitor sit in on a new product strategy meeting? This can very easily happen if an unscrupulous competitor obtained the access code and call-in number to one of your conference calls. Industrial espionage isn't just a theme in old Saturday morning cartoons.

Even political campaigns are not safe from such eavesdropping. Just think Watergate. In a competitive world where a great deal of money as well as power is at stake, anything goes!

Fortunately, many conference call services provide at least a basic degree of security. Let's take a look at these security features starting with audio conference calls. The conference call security features of audio conference calls are for the most part common across video and Web conference calls. Since Web and video conference calls are also exchanging data as well as voice they have additional security requirements, which we'll look at separately.

Audio conference call security:

*Use the passcode assigned to your conference call at the time the reservation is made. This will prevent callers without the proper passcode from being admitted to the call.

*Protect the passcode and any other account information associated with the call. This means limiting who receives the information. Also get in the habit of shredding any documents that contain this information.

*Be sure to enable entry and exits tones to notify you when a participant joins or leaves the call.

*Require that participants identify themselves when joining the conference call and also take roll before commencing the conference.

*Lock the conference call so no one else can join it once begun.

*Disconnect all lines to the call at the end of the call to make certain there aren't any side discussions after the conference has ended.

*Get in the habit of changing the call-in numbers and passcodes on a regular basis

Web and video conference call security:

In addition to the same security features as in an audio conference call be sure that your Web and video conferences have the following conference call security features in place:

*End-to-end encryption of the data link. Most use Secure Sockets Layer (SSL) and 128-bit AES encryption to protect your data stream from snoopers.

*Secure control over desktop sharing when sharing your keyboard and mouse during collaboration.

By using the security features built into most conference call solutions and practicing some basic security precautions you can keep your meetings and vital data safe from competitors and hackers.

Richard R. Rojas covers the telecommunications industy and writes about business conference calls technology trends and services.

No comments: