Web Conferencing Proves Big Security Concern for IT Decision Makers
There have been a great many hacking attacks of late, with a lot of big names ending up on the bad end of a hacker's efforts. This in turn has made a lot of IT decision makers consider where the next big threat to everyday operations and sensitive material will come from. A new study from Omnijoin, Brother International Corporation's Web conferencing division, shows that when IT decision makers start considering threats to the business, one of the first directions considered is Web conferencing.
The Brother study, conducted by Forrester Consulting of 150 IT professionals in both regulated and non-regulated industries, found that 80 percent of respondents were concerned about the exposure of data in the industry, with 51 percent viewing protecting data as “very important.” Web conferencing proved to be a major concern in that vein. So-called “risky meeting behaviors” were also a big problem, as 40 percent of firms have meetings that bring in financial data in some way. A third of firms had meetings involving the sharing of customer or patient data, and about 20 percent had meetings involving trade secrets, making the protection of data during Web conferencing sessions particularly important.
That, in turn, reveals that the leading reason for companies going with on-premises deployments is related to issues of security. Security proved to be “very important” to 74 percent of IT decision makers who set up on-premises deployments. Optimizing performance and keeping a handle on license costs proved to be part of the equation, coming in at number two and number three reasons. 69 percent of respondents had some concern with unauthorized content sharing in meetings, while 38 percent were “very concerned.” A combined total of 64 percent—33 percent concerned and 31 percent very concerned—had a particular problem with unauthorized participants listening in, and almost as many—63 percent total—had some level of concern about Web conferencing participants downloading content.
The problem here is that we're dealing with a very valuable technology that's extremely easy to use. For instance, using Web-based real time communications (WebRTC) as a conferencing tool can be a great way to connect users on nothing more than a Web browser, but with a data channel included for quickly sharing files, it can be somewhat risky. Worse, many common applications require some degree of data sharing; the move to big data tools all but depend on having sufficient data to operate. It's possible to exercise some protective measures here, like keeping unauthorized participants out of conferences, but there will always be some degree of risk. Without that risk, there are too many opportunities lost, and that's a development businesses can ill afford.
There’s a fine line between over-sharing and under-sharing, and finding and straddling that line will likely offer the best results. It's not easy, but protecting information and allowing it to be shared as needed offers some incredible benefits.
In the Wake of Widespread Hacker Attacks, Study Reveals Security Concerns Centering on Web Conferencing
As hackers begin to target attacks for competitive intelligence, 80 percent of IT decision-makers concerned about exposure of sensitive content
BRIDGEWATER, N.J. (February 25, 2015) – OmniJoin, the web conferencing division of Brother International Corporation, today released survey results revealing that firms are concerned with security threats and securing sensitive content during web conferencing. In addition to security, high performance and network capabilities were important factors in IT leaders’ choosing on-premise web conferencing solutions. Forrester Consulting conducted the commissioned study on behalf of Brother in September 2014 and surveyed 150 IT professionals in regulated and non-regulated industries in North America.
Other key findings surrounding security risks during web conferences include:
Employees practice risky meeting behaviors with crucial company data. Nearly 40 percent of firms have meetings that involve financial data; one-third have meetings where employees share private customer or patient information; and approximately one in five have web meetings that involve trade secrets.
Controlling the exposure of sensitive content is a top security concern. Four out of five IT decision-makers consider this important, and 51 percent consider it very important.
Security ranks as top reason for firms in choosing on-premises deployments. Security was very important to 74 percent of IT decision-makers in their choice of web conferencing on-premises. Optimizing performance and controlling license costs are the number two and three reasons.
According to the study, when asked to judge security threats with web conferencing, 69 percent of IT professionals cited concern with employees sharing unauthorized content in meetings, with 38 percent labeling themselves as “very concerned.” Additionally, 64 percent (33% concerned, 31% very concerned) cited unauthorized participants listening in silently to meetings, and 63 percent (25% concerned, 38 % very concerned) cited unauthorized participants downloading content shared in web conferences as concerns.
“As we’ve seen recently, hackers are no longer aiming just at identity and credit card theft, they’re also zeroing in on individual companies, and the competitive intelligence and personal information within their communications,” said Bill Henderson, VP of Marketing at Brother International Corporation. “As nearly every size organization makes web meetings a daily part of their operations, they should look closely at on-premise web conferencing, deployed in their private cloud, to protect not just their data, but also their ideas.”
Download full study here.
For more information about Brother OmniJoin web conferencing, please visit www.omnijoin.com.
Other Web Services from Brother
For decades, small office / home office, small and medium sized businesses, and corporate workgroup customers have depended on Brother for high-quality, value-packed business machines. By launching the Brother Online suite of smart, web-based business services, Brother has now expanded beyond simply offering great hardware products.. OmniJoin™ web conferencing was the first such major service offering, the Brother Online suite has now added a variety of scanning and workflow solutions, which complement and expand the value of Brother™ scanners, printers, and Multi-Function Center® devices. For more information on Brother Online services, visit www.brothercloud.com
Brother International Corporation is one of the premier providers of products for the home, home office and office. The U.S. corporate office in Bridgewater, NJ, was established on April 21, 1954 and currently markets many industrial products, home appliances and business products manufactured by its parent company, Brother Industries, Ltd. of Nagoya, Japan.
These products include an award-winning line of Multi-Function Center® machines and printers. Brother also provides the number-one line of facsimile machines in the U.S. and is the leader in electronic labeling, with its full line of P-touch® Electronic Labeling Systems. For more information you can visit the website at www.brother-usa.com.
EDITOR’S NOTE: Photography available upon request.
Is Your Web Conferencing Service As Secure As You Think?
In general, Web conferencing service security is tight, but experts warn some gaps could be exposed. Find out what safeguards to put in place to keep your data secure.
Web conferences can be rife with sensitive material like revenue numbers, client information or product launches. With network hacks and security breaches more widespread, could hackers target Web conferencing next? Not necessarily, according to security experts, but there are caveats to consider.
Web conferencing services are "pretty secure," especially since many of them have abandoned Java-based software, said Marcus J. Carey , founder and chief technology officer at vThreat Inc., a cloud-based cyberattack simulator.
"I think Web conferencing is more secure than video conferencing," said Carey, drawing a distinction between the two technologies. "But you can shoot yourself in the foot with anything." Some Web conferencing security risks, however, do lurk.
For instance, hackers could set up vanity URLs, steal static phone and PIN numbers or simply social engineer an organization. According to Carey, many Web conferencing services now have vanity URLs like www.join.me/YourCompany, where a phisher could set up a presentation, impersonate a company and ask for money.
"I think vanity URLs could be exploited," he said. "I see a way for people to masquerade and pretend you're someone else as far as Web conferencing goes." Anyone can sign up for a Web conferencing service and set up a legitimate-looking domain, Carey said.
Carey added that companies should monitor any static dial-in credentials for their conference calls. Often, the call-in and PIN numbers don't change. If a person's email is hacked, the hacker could find those numbers, dial them and eavesdrop on calls.
Web conferencing a less attractive target
Despite some security risks, Web conferencing poses a less significant threat than more common attack targets, said Chris Grayson, a security associate at Bishop Fox, an IT security consulting firm.
"The lion's share of communication in modern organizations is through email," Grayson said. "And meetings are commonly followed by meeting minutes shared via email. Attackers will typically prioritize attacking textual communications over targeting Web conferencing systems."
But both Carey and Grayson stressed that companies need to keep their Web conferencing software patched and up to date. Grayson added these standard safeguards: Use encrypted protocols, choose mature software that has been developed with an eye toward security and use strong passwords.
Multiple layers of passwords and regular risk assessments are helpful precautions, said Courtney Behrens, senior marketing manager for Web solutions and services at electronics provider Brother International Corp. She said other safety measures include understanding how IT can govern cloud-based services and simply having the ability to turn features like recording on and off.
Building awareness of how employees use conferencing is key
Brother, which offers a cloud-based Web and video conferencing service, recently commissioned Forrester Research to conduct a survey on secure Web conferencing. The study found more than 60% of the organizations surveyed are sharing mission-critical information via Web conferences. More than 40% of the organizations are recording those meetings. Behrens stressed an organization's IT department needs to be aware of how employees are using a Web conferencing system.
Both Behrens and Andy Nilssen, senior analyst and partner at Wainhouse Research, emphasized some industries require more security than others depending on the information being shared. Conference recordings, uploaded presentations or other stored information could all be vulnerable if not secured.
"A Web conferencing facility [where the servers are stored] would be a very interesting way [for hackers] to get information," Nilssen said. "What's interesting about Web conferencing is there are a lot of touchpoints."
Those touchpoints, he said, include user authentication, agenda posting, secure hosting equipment and administrator meeting access. Nilssen said it's critical to select a reputable Web conferencing brand.
OmniJoin™ Sponsoring the ATA 2015 Annual Conference
OmniJoin will be a sponsor of the 20th annual American Telemedicine Meeting and Trade Show at the los Angeles Convention Center, May 2-5.
In response to growing concerns over providing quality care on-demand, reducing costs and being responsive to risk, healthcare organizations are now turning to cloud solutions more than ever before.
OmniJoin™ is a secure cloud-based medical video conferencing solution that helps healthcare providers expand their reach, provide quality care on-demand, reduce costs, and increase their efficiency. Our customers can reduce staff and patient travel expenses without sacrificing the quality of patient care.
Through our highly-secure public cloud or your own dedicated private cloud, healthcare providers are able to create a telehealth solution that securely enables communication with patients, provide remote care, and conduct online meetings and training sessions in a glitch-free, HD video environment.
Visit OmniJoin at booth #1517
Loose Lips Sink Deals - Why Paranoia is Required in Sales
He was vigilant with our sensitive data and I've carried those lessons with me throughout my career. You never know who might be listening in on your conversation at a hotel bar, on a train, or in flight. One misspoken word can easily get back to your competitor and torpedo your deal. That's how Murphy's Law works.
In sales, it pays to keep your secrets close and to be vigilant, even a bit paranoid, when it comes to your most sensitive information. Sadly, that was much easier before the digital revolution when everything was in paper format. Today, we face a whole new ball game where information is easier to obtain, hack, and share.
Over the last ten years sales meetings, demos, presentations, and proposals have shifted from the meeting room to cloud-based web conferencing. In this environment, it can be difficult to shut the door on hackers and eavesdroppers who are intent on getting your information. (I think we've all had the feeling that someone who was not supposed to be there was listening in on a meeting.)
So while web conferencing and digital sharing have made sales professionals more agile, they've also made us more vulnerable. Just imagine the damage a competitor could cause you by getting hold of your pricing prior to their presentation to your prospect!
Each day we discuss our most sensitive data through online conferencing:
Proposals & Pricing
Sales Forecasts & Pipelines
Strategic Account Strategy
Contracts & Legal Documentation
Ask yourself this question: What is the worst thing that could happen if this information fell into the wrong hands?
Here is the bad news: Hackers are relentless. They will stop at nothing to find a way in and steal your data?
Now consider this: Many sales professionals use their own device or applications for online meetings which makes your data even more vulnerable to third parties.
Take Action Now: My first sales manager taught me to be vigilant and his lessons continue to apply in the digital age:
Manage Need to Know: Don't give your information and dial in numbers to everyone. Only invite the small group of people who "need to know" to your web conferences. Avoid the tendency to mass copy indirect parties for CYA purposes.
Change Call-in Numbers Frequently: I am shocked at how many sales managers use the exact same call-in number every week for weekly meetings and salespeople who do the same for online demos and presentations. What happens when a former employee ends up at a competitor? Do you think they keep this information to themselves? Think again. Use a different call-in number and online login for every meeting.
Use Secure Web Conferencing: Believe it or not, most of the major providers of web conferencing do not offer secure platforms. This is a major problem, especially in light of the fact that teams are dispersed and the devices they use to access web conferences cannot be controlled. One of the new players in secure web conferencing is OmniJoin. They offer military grade security that keeps hackers and eavesdroppers out. The good news is OmniJoin is offering a free test drive now with no credit card required to try them out.
(Full Disclosure: I am a paid spokesperson for OmniJoin but I won't endorse a product I don't believe in. This is an awesome new sales tool and you should give it a try.)
Perhaps the most important action you can take is to constantly remind your peers, employees, and managers that loose lips sink deals. Train your team to be both vigilant and a little paranoid when it comes to sensitive sales information. I am sure for some, it might seem like overkill, but if you've just lost a million dollar deal because your competitor knew your strategy, no amount a vigilance can be enough.