Breaking Down Video Conferencing Privacy and Security with Pexip’s Giles Chamberlain

On this episode of Navigate, a special six-part podcast series with Pexip and Futurum Research, host Daniel Newman talks with Giles Chamberlain about how to approach privacy and security for your video conferencing solutions.

Video Conferencing Popularity Bringing Privacy and Security to the Forefront

In the last month, video conferencing has seen an explosion in popularity due to shelter-in-place orders. More people are on video than ever before, but this huge increase has also brought increased security concerns. Zoombombing and other video conferencing breaches have made headlines for weeks. Enterprises are realizing that it is not as easy as just clicking a link and joining a video. There has been a greater call to ensure privacy and security for all users.

Giles noted that when looking at a video conferencing solution, you need to consider privacy and security individually. Let’s break it down.

Breaking Down Privacy and Security

Every video conference call creates data. If you’re recording audio, video and chat sessions that is all data that is in the hands of the provider. But even if you’re not recording, you’re still creating metadata. That could be IP addresses, email addresses, or company information. Protecting this information is crucial. Laws and regulations like the GDPR, CCPA, HIPAA and others set the standard of how this information is protected.

When considering a solution, it’s important to perform a risk assessment or research the standards that companies guarantee. It is the responsibility of the ITDM in the enterprise to ensure privacy by understanding the security protocols that are in place.

An enterprise should also have their own set of security protocols in place for video conferencing. Giles recommended that companies start with strict security and loosen restrictions as you operate. No employee will ever start with lax security and then voluntarily move to a more secure environment. Retrofitting is hard.

For example, end-to-end encryption should be standard from day one. Meeting ID numbers and passwords to enter meeting rooms should be standard. User experience might be sacrificed in the name of security, but it’s table stakes.

Hosting Options

Privacy and security standards come down to where a video conferencing solution is hosted. The great advantage of the cloud service is somebody else does all the work for you. But you still have the legal obligation to know what data you’re giving them, where it’s going, and what’s happening with it. You can’t just abdicate the responsibility altogether. If a company decides that the risk of losing important data is too high then they can bring it all in-house and host in their own data center. This is where Pexip started. Self-hosted solutions were sold to providers to host on-prem.

The second option available is shared hosting. Companies that trust a cloud provider like Google, Azure, or AWS can move the compute capacity to the cloud while still having employees manage the service. The data is still under the control of the organization, but the hosting is elsewhere to take the strain off the company’s data center.

The final option is managed hosting. Companies can turn the whole service over to someone else. Another company provides the compute power and ensures the data protection.

Some off-the-shelf video conferencing solutions only offer one hosting option. Pexip on the other hand offers all three, giving customers better options for what fits their needs. At the end of the day, enterprise leaders know what they need and what they need to protect.

For more information about Pexip, their products and offerings be sure to check out their website or listen to the full episode of Navigate below.