Video Conferencing Best Practices
Relevance to Business Activities:
- security – administrative safeguards considerations:
- participants of a meeting:
- take steps to ensure that only invited participants are able to join the meeting:
- there is a chance of uninvited people showing up on video conferences;
- consider security features of the services used for the meetings as some features allow hosts to:
- password-protect a meeting; and
- limit access by providing unique ID numbers for each meeting or participant.
- if the user hosts the recurring meeting, they are allowed to create new passwords or ID numbers for each meeting:
- employers should include the use of this method in their policy as it is more secure than reusing old credentials.
- take steps to ensure that only invited participants are able to join the meeting:
- limiting access:
- hosts should take advantage of the options to:
- lock the meeting once the expected participants have arrived, preventing others from joining; and
- approve each participant trying to join in, for the greatest level of control:
- hosts may also have the ability to remove individual users from the meeting.
- hosts should take advantage of the options to:
- participants of a meeting:
- video camera and microphone:
- when someone joins a meeting their camera and microphone may be on by default – they:
- must be aware that participants may be able to see and hear them as soon as they join a meeting; and
- should turn off the camera or mute themselves if they do not want to share sound and/or audio:
- they may be able to adjust their default setting to store these preferences.
- recording of the meeting:
- sometimes it is indicated on the screen that the meeting is being recorded:
- however, other times the meeting is being recorded without an indicator:
- users should refrain from sharing private and confidential information via video conferencing.
- screen sharing:
- when sharing screens, users must ensure that they do not have open what they do not wish to share, such as:
- documents;
- browser windows; or
- other things on their screens that are not for sharing.
- consider the options to:
-
- turn off screen sharing; or
- limit its use to the host.
-
- unexpected video conference invitations:
- do not open unexpected video conference invitations or click on links:
- malicious actors:
- are sending emails mimicking meeting invitations or other communications from conferencing services; and
- may copy the logo and look of familiar names in the business to add authenticity.
- some links may contain viruses or install malware on the user’s computer;
- employers should tell all staff members and clients in advance that:
- there is a teleconference planned for a certain time; and
- they should expect an invitation with the host’s name.
- if the service used for conferencing requires downloading an app or desktop application:
- ensure that it is downloaded from the service’s website or a platform’s app store.
- confidential information:
-
- if confidentiality is crucial, video conferencing may not be the best option:
- businesses should:
- consider alternatives if particularly sensitive topics are going to be discussed;
- evaluate whether an enterprise service would provide greater security, rather than free services available to the general public; and
- ask about dedicated telehealth conferencing services that can include more safeguards to keep information private:
- if a business is conferencing remotely with a health care provider
-
- conferencing software:
-
- update the video conferencing software:
- many video conferencing companies are updating their software with patches and fixes; and
- users should only accept updates directly from the service’s website.
- update the video conferencing software:
-
- employee training:
- train employees on best practices for video conferencing:
- employees may enable a video conferencing service that does not meet the company’s security standards.
- train employees on best practices for video conferencing:
- vendor management considerations:
- service provider:
- before using a conferencing service, review key provisions in the service’s privacy policy to understand:
- the information that the service provider will collect; and
- if the service provider is:
- using the information collected for the purposes outlined in its privacy policy; and
- sharing the information with third parties.
- before using a conferencing service, review key provisions in the service’s privacy policy to understand:
- service provider:
