After you’ve adopted your system of choice, it’s important to put internal controls in place to further protect your company’s data. Video conference solutions are designed to make it easy for anyone and everyone to join a call; their bias is toward removing barriers to call access, not necessarily ensuring the security of those calls. Such openness can make it easy for unwanted interlopers to "crash" a video call. These intentional or unintentional interlopers could be people inside your organization that shouldn’t be privy to certain information or even people outside your company. That's why your internal video conference usage policy is so important, especially when sensitive legal and company information is going to be discussed via video conference. Here are some tips:
Tip #1: Don't Publicly Post Video Meeting Invitations or URLs
Most video conference solutions assign a Meeting ID, a meeting URL, or both to a scheduled video call. Unless you want "party crashers" to your video call, this information should never be posted into a shared chat environment, onto social media, or onto any public-facing website.
Tip #2: Don't Use Your Personal Meeting URL for Group Meetings
Many video conference tools allow you to have a personal "room" for video calls -- somewhat like a consistent phone number for conventional conference calls -- that you can use to host recurring meetings or allow colleagues and clients to "call" you on without needing to formally schedule a one-off video meeting. While this functionality can be convenient, it should only be used for one-on-one meetings where non-sensitive or non-confidential information is shared -- because anyone who has ever visited your "room" before knows how to access it again, and can crash any of your future calls.
How many times has the attendee of your 2pm video call popped into the 1pm video conference that is running long? If sensitive legal information is on the agenda, even accidental breaches of confidentiality are unacceptable. If you must use this feature, in systems like Zoom you can adjust your settings to create virtual “waiting rooms” that prevent attendees from joining until you admin them.
Tip #3: Allow Only Specific, Authenticated Meeting Participants
Virtually every video conference solution can password-protect meetings, such that only users with the right code, PIN or password can access a scheduled call. That should always be your default policy for any video meeting. Most video conference tools go further, and can require that a user authenticate their identity -- for example, with a Google login or Active Directory ID -- before they can join a video call. Where available and practical, you should insist on this level of security, too.
Tip #4: Don't Allow Non-Moderators to Screen Share or Alter Meeting Settings
Almost every video conferencing tool on the market allows moderators to "lock down" a virtual meeting, such that only the moderator and call attendees they select can use functions like screen sharing, posting into group chat, muting or unmuting other participants, recording the call, or altering other key meeting Settings.
Moderator-only host-only meeting controls should be your default setting, so that bad actors can't disrupt or infiltrate your call by, for example, joining with a disabled and hidden notification.
LinkSquares offers a next-generation, artificially intelligent contract analysis solution that can help you monitor and manage every contract in your portfolio -- including your video conferencing provider's contract and terms. By identifying, extracting, and giving you the ability to report on key terms in all of your contracts, you can highlight problematic contract language and terms to better arm your business with the information you need. When you're in a "panic mode" shift in business processes, you need AI contract analysis more than ever.
If you're ready to take your contract analysis to the next level -- and understand what’s in all your signed agreements -- contact LinkSquares today.