Working from home drives use of online meeting applications; Cyber security factors should not be overlooked

Sat 09 May 2020, telkomtelstra
cyber security

The coronavirus (COVID-19) pandemic with a growing transmission rate has implications for workers and students. The requirement to work from home (WFH) and study from home has encouraged millions of workers, including civil servants and those in the private sector, as well as students to switch to using digital technology such as online meeting applications to maintain productivity. But, in the midst of this trend, we must pay attention to the issue of cyber security and the challenge this poses with online meeting applications.

Unwittingly, the surge in new users on these online meeting applications will lead to new issues related to cyber security that could be disastrous if not managed properly. For example, when those working from home use laptops and virtual private networks (VPNs) from home to connect to corporate networks, this increases the risk of cyber security leaks if not properly protected. Home Wi-Fi with suboptimal security or personal VPNs have the potential to digitally infect the corporate network with viruses or malware.

So what should you do? How do you manage cyber security in a remote work system that requires an online meeting application? Are free online meeting applications more risky?

Such issues should be understood by those working from home so as to provide broad insight into cyber security for the corporate network. To that end, here are some tips to help maintain cyber security for those working from home.

Use safe work collaboration solutions for online meetings

The first thing to do is choose a safe work collaboration solution for remote virtual conferences and meetings. Now, as more and more businesses, schools and organisations rely on online meeting applications and business collaboration, with important features such as video conferencing for daily communication, cyber security needs to be emphasised as a top priority.

On that basis, when choosing an online meeting platform, we should understand a few of these basic rules:

A. Free services are risky. When online digital meeting platforms provide free services, we need to study the information and requirements as well as usage guidelines. Often because they are a free service, online meeting platforms are used to collect as much user information as possible. Make sure you know the settings on any platform used to set the privacy mode to be as optimal as possible. The aim is none other than to protect sensitive matters and valuable information conveyed in meetings with the help of digital platforms.

B. Does the online meeting platform service allow you to take screenshots or record sessions? If so, is notification provided? Sensitive information can be obtained from images produced during video conferencing. For example, pictures from your personal life or bank account statements can be accidentally shared with participants.

C. Does the online meeting platform allow you to record discussion sessions? If so, any recordings, be it yours or a colleague’s, can represent a major risk to data privacy. Moreover, keep in mind that digital conference service platforms now allow users to record sessions for future reference.

D. As a user, you need to study the track record of the virtual meeting/conference service platform. Have there ever been any reports of malware or security leaks related to the service? It is highly recommended to use a service platform that can provide detailed information about their commitment to cyber security and one that requires participants to continue to update the system on an ongoing basis to increase security.

E. Does the virtual meeting/conference service platform provide end-to-end encryption? Public Wi-Fi access can cause user data to be vulnerable to man-in-the-middle attacks. End-to-end encryption provides an extra layer of security by making conferences and communications significantly more difficult to tap.

F. Does the platform allow you to change display names, create burner numbers or hide your identity? One of the most effective tricks hackers use to compromise businesses is spoofing (for example, pretending to be a colleague or a partner). Make sure you use a platform that makes it difficult to hide or change your identity. In addition, make sure to confirm that the person you are communicating with is the right person before sharing information with them. It is good practice to ask each participant to introduce themselves at the beginning of a meeting.

G. Can online meetings be limited to only those participants with a PIN? Access to meetings can and should only be restricted to those who have received an invite. A secure platform will also provide a means of authentication. Beware if you are using a platform that does not provide any means of authentication.

Cyber security for file sharing

In general, when the file sharing feature is not available on an online meeting platform, employees will often use their personal devices when sharing materials or work material with colleagues, for example, through the document sharing feature in a private instant messaging application. As these tools and devices are outside the IT department’s control, they are inherently insecure and endanger sensitive company data.

Avoid providing opportunities for hackers to intervene and manipulate media files without the user’s knowledge. If security flaws are exploited, hackers can misuse and manipulate sensitive information such as personal photos and videos, company documents, invoices and voice memos.

Why should organisations be more serious about addressing this security challenge?

It is important to realise that the working from home momentum increases cyber security risks as all work is performed online. Hackers and scammers never let crises pass without exploiting them, and COVID-19 is no exception. When workers access the company’s network from outside the workplace, the number of different access points has the potential to increase vulnerability exponentially. This increases the number of loopholes in the organisation that can be attacked by hackers.

Employees who work from home need the right tools to support productivity and communication to stay connected with their team, collaborate on tasks, and to perform even more tasks. Using traditional solutions or free services to share confidential documents and other files can risk compromising your data.

The Telkomtelstra Teams solution, a cloud-based business collaboration application built into Microsoft Office 365, has become very popular among employees working from home. Designed to be a ‘virtual office’, the Teams solutions from Telkomtelstra focuses on enabling virtual work collaboration and offering important features while working from home: video conferencing features, remote meetings, work discussions among divisions or teams, shared file storage (including collaboration on files), and work application integration. With Microsoft’s leading technology, and also its reinforced security and privacy, Teams is able to provide a sense of security when performing work activities remotely in the current high cyber threat environment. Keep in mind that digital working conditions will become the new working norm even after the pandemic ends, given the advantages in cost efficiency such as transport costs, as well as the effectiveness and speed in decision making. From now on it is necessary to use safe technology to avoid malware or privacy data breaches. Therefore, plan your job security appropriately, and encourage organisations in your office to do the same.(*)