In the Wake of Widespread Hacker Attacks, Study Reveals Security Concerns Centering on Web Conferencing
As hackers begin to target attacks for competitive intelligence, 80 percent of IT decision-makers concerned about exposure of sensitive content
BRIDGEWATER, N.J. (February 25, 2015) – OmniJoin, the web conferencing division of Brother International Corporation, today released survey results revealing that firms are concerned with security threats and securing sensitive content during web conferencing. In addition to security, high performance and network capabilities were important factors in IT leaders’ choosing on-premise web conferencing solutions. Forrester Consulting conducted the commissioned study on behalf of Brother in September 2014 and surveyed 150 IT professionals in regulated and non-regulated industries in North America.
Other key findings surrounding security risks during web conferences include:
Employees practice risky meeting behaviors with crucial company data. Nearly 40 percent of firms have meetings that involve financial data; one-third have meetings where employees share private customer or patient information; and approximately one in five have web meetings that involve trade secrets.
Controlling the exposure of sensitive content is a top security concern. Four out of five IT decision-makers consider this important, and 51 percent consider it very important.
Security ranks as top reason for firms in choosing on-premises deployments. Security was very important to 74 percent of IT decision-makers in their choice of web conferencing on-premises. Optimizing performance and controlling license costs are the number two and three reasons.
According to the study, when asked to judge security threats with web conferencing, 69 percent of IT professionals cited concern with employees sharing unauthorized content in meetings, with 38 percent labeling themselves as “very concerned.” Additionally, 64 percent (33% concerned, 31% very concerned) cited unauthorized participants listening in silently to meetings, and 63 percent (25% concerned, 38 % very concerned) cited unauthorized participants downloading content shared in web conferences as concerns.
“As we’ve seen recently, hackers are no longer aiming just at identity and credit card theft, they’re also zeroing in on individual companies, and the competitive intelligence and personal information within their communications,” said Bill Henderson, VP of Marketing at Brother International Corporation. “As nearly every size organization makes web meetings a daily part of their operations, they should look closely at on-premise web conferencing, deployed in their private cloud, to protect not just their data, but also their ideas.”
Download full study here.
For more information about Brother OmniJoin web conferencing, please visit www.omnijoin.com.
Other Web Services from Brother
For decades, small office / home office, small and medium sized businesses, and corporate workgroup customers have depended on Brother for high-quality, value-packed business machines. By launching the Brother Online suite of smart, web-based business services, Brother has now expanded beyond simply offering great hardware products.. OmniJoin™ web conferencing was the first such major service offering, the Brother Online suite has now added a variety of scanning and workflow solutions, which complement and expand the value of Brother™ scanners, printers, and Multi-Function Center® devices. For more information on Brother Online services, visit www.brothercloud.com
Brother International Corporation is one of the premier providers of products for the home, home office and office. The U.S. corporate office in Bridgewater, NJ, was established on April 21, 1954 and currently markets many industrial products, home appliances and business products manufactured by its parent company, Brother Industries, Ltd. of Nagoya, Japan.
These products include an award-winning line of Multi-Function Center® machines and printers. Brother also provides the number-one line of facsimile machines in the U.S. and is the leader in electronic labeling, with its full line of P-touch® Electronic Labeling Systems. For more information you can visit the website at www.brother-usa.com.
EDITOR’S NOTE: Photography available upon request.
Is Your Web Conferencing Service As Secure As You Think?
In general, Web conferencing service security is tight, but experts warn some gaps could be exposed. Find out what safeguards to put in place to keep your data secure.
Web conferences can be rife with sensitive material like revenue numbers, client information or product launches. With network hacks and security breaches more widespread, could hackers target Web conferencing next? Not necessarily, according to security experts, but there are caveats to consider.
Web conferencing services are "pretty secure," especially since many of them have abandoned Java-based software, said Marcus J. Carey , founder and chief technology officer at vThreat Inc., a cloud-based cyberattack simulator.
"I think Web conferencing is more secure than video conferencing," said Carey, drawing a distinction between the two technologies. "But you can shoot yourself in the foot with anything." Some Web conferencing security risks, however, do lurk.
For instance, hackers could set up vanity URLs, steal static phone and PIN numbers or simply social engineer an organization. According to Carey, many Web conferencing services now have vanity URLs like www.join.me/YourCompany, where a phisher could set up a presentation, impersonate a company and ask for money.
"I think vanity URLs could be exploited," he said. "I see a way for people to masquerade and pretend you're someone else as far as Web conferencing goes." Anyone can sign up for a Web conferencing service and set up a legitimate-looking domain, Carey said.
Carey added that companies should monitor any static dial-in credentials for their conference calls. Often, the call-in and PIN numbers don't change. If a person's email is hacked, the hacker could find those numbers, dial them and eavesdrop on calls.
Web conferencing a less attractive target
Despite some security risks, Web conferencing poses a less significant threat than more common attack targets, said Chris Grayson, a security associate at Bishop Fox, an IT security consulting firm.
"The lion's share of communication in modern organizations is through email," Grayson said. "And meetings are commonly followed by meeting minutes shared via email. Attackers will typically prioritize attacking textual communications over targeting Web conferencing systems."
But both Carey and Grayson stressed that companies need to keep their Web conferencing software patched and up to date. Grayson added these standard safeguards: Use encrypted protocols, choose mature software that has been developed with an eye toward security and use strong passwords.
Multiple layers of passwords and regular risk assessments are helpful precautions, said Courtney Behrens, senior marketing manager for Web solutions and services at electronics provider Brother International Corp. She said other safety measures include understanding how IT can govern cloud-based services and simply having the ability to turn features like recording on and off.
Building awareness of how employees use conferencing is key
Brother, which offers a cloud-based Web and video conferencing service, recently commissioned Forrester Research to conduct a survey on secure Web conferencing. The study found more than 60% of the organizations surveyed are sharing mission-critical information via Web conferences. More than 40% of the organizations are recording those meetings. Behrens stressed an organization's IT department needs to be aware of how employees are using a Web conferencing system.
Both Behrens and Andy Nilssen, senior analyst and partner at Wainhouse Research, emphasized some industries require more security than others depending on the information being shared. Conference recordings, uploaded presentations or other stored information could all be vulnerable if not secured.
"A Web conferencing facility [where the servers are stored] would be a very interesting way [for hackers] to get information," Nilssen said. "What's interesting about Web conferencing is there are a lot of touchpoints."
Those touchpoints, he said, include user authentication, agenda posting, secure hosting equipment and administrator meeting access. Nilssen said it's critical to select a reputable Web conferencing brand.
OmniJoin™ Sponsoring the ATA 2015 Annual Conference
OmniJoin will be a sponsor of the 20th annual American Telemedicine Meeting and Trade Show at the los Angeles Convention Center, May 2-5.
In response to growing concerns over providing quality care on-demand, reducing costs and being responsive to risk, healthcare organizations are now turning to cloud solutions more than ever before.
OmniJoin™ is a secure cloud-based medical video conferencing solution that helps healthcare providers expand their reach, provide quality care on-demand, reduce costs, and increase their efficiency. Our customers can reduce staff and patient travel expenses without sacrificing the quality of patient care.
Through our highly-secure public cloud or your own dedicated private cloud, healthcare providers are able to create a telehealth solution that securely enables communication with patients, provide remote care, and conduct online meetings and training sessions in a glitch-free, HD video environment.
Visit OmniJoin at booth #1517
Loose Lips Sink Deals - Why Paranoia is Required in Sales
He was vigilant with our sensitive data and I've carried those lessons with me throughout my career. You never know who might be listening in on your conversation at a hotel bar, on a train, or in flight. One misspoken word can easily get back to your competitor and torpedo your deal. That's how Murphy's Law works.
In sales, it pays to keep your secrets close and to be vigilant, even a bit paranoid, when it comes to your most sensitive information. Sadly, that was much easier before the digital revolution when everything was in paper format. Today, we face a whole new ball game where information is easier to obtain, hack, and share.
Over the last ten years sales meetings, demos, presentations, and proposals have shifted from the meeting room to cloud-based web conferencing. In this environment, it can be difficult to shut the door on hackers and eavesdroppers who are intent on getting your information. (I think we've all had the feeling that someone who was not supposed to be there was listening in on a meeting.)
So while web conferencing and digital sharing have made sales professionals more agile, they've also made us more vulnerable. Just imagine the damage a competitor could cause you by getting hold of your pricing prior to their presentation to your prospect!
Each day we discuss our most sensitive data through online conferencing:
Proposals & Pricing
Sales Forecasts & Pipelines
Strategic Account Strategy
Contracts & Legal Documentation
Ask yourself this question: What is the worst thing that could happen if this information fell into the wrong hands?
Here is the bad news: Hackers are relentless. They will stop at nothing to find a way in and steal your data?
Now consider this: Many sales professionals use their own device or applications for online meetings which makes your data even more vulnerable to third parties.
Take Action Now: My first sales manager taught me to be vigilant and his lessons continue to apply in the digital age:
Manage Need to Know: Don't give your information and dial in numbers to everyone. Only invite the small group of people who "need to know" to your web conferences. Avoid the tendency to mass copy indirect parties for CYA purposes.
Change Call-in Numbers Frequently: I am shocked at how many sales managers use the exact same call-in number every week for weekly meetings and salespeople who do the same for online demos and presentations. What happens when a former employee ends up at a competitor? Do you think they keep this information to themselves? Think again. Use a different call-in number and online login for every meeting.
Use Secure Web Conferencing: Believe it or not, most of the major providers of web conferencing do not offer secure platforms. This is a major problem, especially in light of the fact that teams are dispersed and the devices they use to access web conferences cannot be controlled. One of the new players in secure web conferencing is OmniJoin. They offer military grade security that keeps hackers and eavesdroppers out. The good news is OmniJoin is offering a free test drive now with no credit card required to try them out.
(Full Disclosure: I am a paid spokesperson for OmniJoin but I won't endorse a product I don't believe in. This is an awesome new sales tool and you should give it a try.)
Perhaps the most important action you can take is to constantly remind your peers, employees, and managers that loose lips sink deals. Train your team to be both vigilant and a little paranoid when it comes to sensitive sales information. I am sure for some, it might seem like overkill, but if you've just lost a million dollar deal because your competitor knew your strategy, no amount a vigilance can be enough.
Can Telehealth Displace The Therapist's Couch?
The psychiatrist's couch is being replaced by a video screen.
No, people with behavioral issues aren’t flocking to reruns of Frasier. They're finding doctors who can treat them at any time and any place, in the comfort of their own homes – through video conferencing, text messaging, even specialized apps that enable users to get the information they need at a moment of crisis.
According to the National Alliance on Mental Illness, 25 percent of the population suffers from some sort of event each year, be it insomnia, stress, anxiety or mood changes, and about 6 percent is living with a serious condition such as depression, bipolar disorder or schizophrenia (that percentage jumps considerably in the U.S. military, among the nation's veterans and in jobs of high stress, like police and fire departments).
Just mention Robin Williams, and the seriousness of the issue becomes clear.
Recently, American Well and MDLIVE, two of the larger players in the telehealth market, announced expansions of their behavioral health platforms. Another well-known tech company, Brother International, says its videoconferencing arm is seeing a surge in business from mental health professionals.
"The big thing about behavioral health is we don't lay hands on patients," says Jennifer Gentile, MM, PsyD, an instructor of psychology at Harvard Medical School, who has been named the head of American Well's new Amwell Therapy Associates. "And it's more difficult for these types of patients to get through barriers" to get healthcare.
The reasons for this surge are numerous, and they mirror the healthcare industry as a whole. First, due to a shortage of behavioral health professionals, they're in much demand and have a finite amount of time in their office, so that time spent on face-to-face meetings is limited and quite pricey. Second, people with behavioral issues generally don't want to visit a doctor's office, and would much prefer talking with a doctor in familiar surroundings. They're also in need of immediate help when a healthcare crisis occurs, and can greatly benefit from a real-time link to a caregiver.
"Mental health is not always easily accessed; at best it can often be described as cumbersome," Gentile wrote in a recent blog. "The usual way to find a therapist is to look at the back of your insurance card and call the phone number or look online. Once you have a list, you have to narrow down candidates by geographic location, education and training, and then inquire as to whether or not the therapist has room in their schedule to take a new patient."
Courtney Behrens, a senior marketing manager at Brother International, said telepsychiatry and telecounseling customers are flocking to the company's OmniJoin web conferencing solution because it fulfills a need for a secure, HIPAA-compliant platform by which doctors can talk to patients in their own homes. In fact, many smaller offices and clinics are using the company's cloud-based solution because it's easy to set up and use
"It's hard for a lot of these (doctors) to actually get in front of a patient," she said. "This helps them build out their business and see more patients."
Jim Mountain, president of Pittsburgh-based Secure Telehealth, which uses the OmniJoin platform, said in in a testimonial provided by Brother that his organizations has found videoconferencing to be effective.
“Telepsychiatry is an effective way to provide access to psychiatric care for individuals living in underserved areas," Mountain said. "It has become one of the most successful of all the telemedicine applications because its practitioners don’t need to touch their patients to treat them."
MDLIVE recently acquired Breakthrough Behavioral, a Silicon Valley-based teletherapy provider. Company CEO Randy Parker said the acquisition enables Florida-based MDLIVE to advance its work with the payer and employer markets to offer real-time access to mental health services. And Breakthrough president Julian Cohen added in a prepared statement that the deal creates "an integrated integrated physical and behavioral health platform for patients."
The problem is an acute one for the U.S. military, which sees a high number of veterans returning from overseas duty with some version of post-traumatic stress disorder (70 percent of the nation's military population is also younger than 30, an age group with a higher incidence of behavioral issues). The National Center for Telehealth and Technology has been working with the Department of Defense to push psychological care out to more members of the military community through telehealth visits and mHealth apps like PTSD Coach.
Apps, in fact, are becoming the tool of choice for helping healthcare providers identify whether people have behavioral issues and also enabling consumers themselves to identify those issues. There are apps that allow users to track moods and learn how to breathe properly, even web programs that can plumb a user's social media channels and identify messages with troubling content (such as Tweets from a user who might be considering suicide).
Gentile said news events like Williams' suicide and that of the girlfriend of NBA player Ryan Anderson, focus public attention on mental health issues, which are much more prevalent than most people realize. They also point out that getting help isn't as easy as sitting on a couch in some office and talking to a therapist – mental health crises can occur at any time and place, and need an immediate interaction and support.
"People want to get out of their distress now," she said.