09 April 2020

Testing Times for Video Conferencing Applications

With the sudden uptake of “Work from Home” arrangements many organisations have quickly moved to deploy video conferencing applications to enable their staff to stay in contact with the business and customers.

In the last 2 weeks there has been widespread media coverage regarding the security of some of these applications, and whether they are fit for purpose to host meetings, particularly where sensitive or confidential matters are likely to be discussed.

One very popular choice, Zoom, has acknowledged it has some work to do to improve its security and privacy shortcomings. Zoom announced it is going to immediately prioritise fixing the current selection of security and privacy issues before anything else.

If your organisation is invested in Zoom and has chosen to continue to use it, there are some immediate steps you can take to improve the security and privacy of your current configuration whilst awaiting software updates from Zoom.

Sophos recommend -

  1. Patch early, patch often
  2. Use the Waiting Room option
  3. Take control over screen sharing
  4. Use random meeting IDs and set meeting passwords
  5. Make some rules of etiquette and stick to them

For full details visit Naked Security by Sophos.

There are also some good articles from Bleeping Computer and ARS Technica that include useage and security tips.

Microsoft Teams

Having assisted several organisations to ensure they have a securely configured Office 365 environments, we are well positioned to also help organisations ensure their Teams configuration is secure.

Our audit service of a Teams configuration covers the following key aspects -

  • Configuration review of the MS Teams implementation
  • Security posture review of the MS Teams implementation
  • Risk analysis, rating, and description
  • Review security of any 3rd party integrations with the Teams solution
  • Interview those responsible for administration of Teams
  • Provide a detailed report with all findings, recommendations and applicable mitigations

The service by default is delivered remotely, with minimal overhead on the IT Team, which is well suited to the current lockdown situation.

If you would like to discuss how Kaon Security can validate the integrity of your Teams configuration and implementation then our consultants are on hand to have an initial chat.

Contact Us Today

Fill in the form below or call us on +61 3 9913 3248 (VIC), +61 7 3194 3664 (QLD) or +61 2 9098 8206 (NSW)