Working from Home (WFH) & Security
Working from Home continues to raise questions about security and recent publicity caused even more concerns. Here is what different vendors have to say about security:
StarLeaf is a European provider for video conferencing and has a very strict policy regarding data & security. This is what StarLeaf briefs about security:
Organizations need to ensure that when they engage with a video services vendor, they are absolutely sure it is one that they can trust with their data. Security is of paramount importance to StarLeaf, and we have invested heavily in it. Our robust security measures have enabled us to achieve ISO/IEC 27001 certification. This is the most respected and internationally-recognized information security and compliance standard. It means that our customers can trust our service, our processes, and our products and be confident that their communications and data are kept secure.
StarLeaf has an entire portal for security matters, you can find that here: security portal.
The Lifesize proposition for security is very complete:
As an industry leading provider for video conferencing, the reliability of the network and performance is of utmost importance. During the first peaks while working from home, upon the world wide lockdown activities, the Lifesize network appeared to be – by far – the most reliable and competent video network.
Organizations choose Lifesize because they refuse to risk their mission-critical communications to service outages or packet loss. When you present in the next forecast meeting, finance planning session or big presentation to a potential customer, you can trust in the Lifesize network to work the first time, every time. Lifesize employs a truly modern, global cloud architecture designed from the ground up to meet the functionality, security and continually evolving communication needs of our customers — because at the end of the day, your meetings are only as good as the platform you use to connect everyone.
More about the security from Lifesize is found here.
Zoom has been in the news, on a variety of occasions, and here is what Zoom has to say regarding security:
Zoom takes its users’ privacy extremely seriously. Zoom collects only the data from individuals using the Zoom platform required to provide the service and ensure it is delivered effectively under a wide variety of settings in which our users may be operating. Importantly, Zoom does not mine user data or sell user data of any kind to anyone. Learn more.
We’ve clarified recent concerns around the encryption of Zoom Meetings and Webinars. Rest assured Zoom keeps all meeting information and data confidential and encrypted.
Meeting Disruption/Uninvited Guest Controls
Many outlets have also covered meetings being disrupted by attendees. Zoom has rich security controls to prevent this from happening that we’ve documented here.
Security Toolbar Icon for Hosts
The meeting host will now have a Security option in their meeting controls, which exposes all of Zoom’s existing in-meeting security controls one place. This includes locking the meeting, enabling Waiting Room, and more. Users can also now enable Waiting Room in a meeting, even if the feature was not turned on before the start of the meeting. For more information, please visit this recently published Blog.
Invite Button on Meeting Client Toolbar
The button to invite others to join your Zoom meeting is now available at the bottom of the Participants panel
Meeting ID No Longer Displayed
The meeting ID will no longer be displayed in the title bar of the Zoom meeting window. The meeting ID can be found by clicking on Participants, then Invite or by clicking on the info icon at the top left of the client window.
Remove Attendee Attention Tracking Feature
Zoom has removed the attendee attention tracker feature as part of our commitment to the security and privacy of our customers. For more background on this change and how we are pivoting during these unprecedented times, please see a note from our CEO, Eric S. Yuan
Removal of the Facebook SDK in our iOS client
We have reconfigured the feature so that users will still be able to log in with Facebook via their browser
The option to do third-party file transfers in Meeting and Chat was temporarily disabled. Local file transfer is available with our latest release. Third-party file transfers and clickable URLs in meeting chat will be added back in an upcoming release
New Join Flow for the Web client
By default, users will now need to sign in to their Zoom account or create a Zoom account when joining a meeting with the Web client. This can be disabled by the Admin or the User from their settings page
Join Before Host Emails Disabled
Notifications sent to the host via email when participants are waiting for the host to join the meeting have been disabled.
Setting to Allow Participants to Rename Themselves
Account admins and hosts can now disable the ability for participants to rename themselves in any meeting. This setting is available at the account, group, and user level in the Web portal.
Language for Directory and Company Directory (please note, this does not impact your account)
Domain contacts: For free Basic and single licensed Pro accounts with unmanaged domains, contacts in the same domain will no longer be visible. We’ve also removed the option to auto-populate your Contacts list with users from the same domain. If you would like to keep those contacts, you can add them as External Contacts.
Change in visibility of contacts with same domain (please note, this does not impact your account)
For Basic and single licensed Pro accounts with unmanaged domains, contacts in the same domain will no longer be visible under ‘Company Directory’ in the ‘Contacts’ tab. Consequently, for the single Pro accounts with unmanaged domains, we’ve removed the option in the admin experience to populate Company Directory with users from the same domain. If these affected users would like to keep contacts with the same domain, they can add them as External contacts. This change will not impact paid accounts with multiple licenses and all accounts with managed domains.