As video conferencing has surged in popularity due to the COVID-19 pandemic, data privacy and security problems with tools like Zoom, have come to light. The security of video conferencing isn’t just a topic for government agencies and GDPR. The data security practices and policies built into the apps and services you use at home and at work are critically important and can have real consequences if they aren’t prioritized by the vendors that you partner with.
Even in 2020, companies like Google’s Nest and Zoom are still making it relatively easy for hackers to access their live video feeds. Video conferencing and IOT video devices are high profile targets, and by mixing unsecured networks and subpar video conferencing security practices, you’re opening yourself and your business up to big vulnerabilities.
3 reasons to prioritize secure video conferencing
1. Earn trust from clients and partners
Consider the email client you use to represent your business — Outlook vs. Gmail vs. Hotmail vs. AOL — they all have subtle differences regarding the perceived validity of your business. Associating your brand with security breaches and vulnerabilities can create hesitancies in your partners’ and clients’ willingness to do business with you.
2. Sensitivity of information
While consumer-based video chatting apps deal in day-to-day personal experiences, some of which can be quite private or embarrassing, business-critical communications are oftentimes centered around trade secrets, product and patent details and personnel records, and can have serious legal ramifications in the wrong hands. The increased sensitivity of the information is reason enough to prioritize security.
3. The cost of cyber crime
According to a recent Forbes article, cyber crime is projected to reach $2 trillion this year. The damages incurred from a serious security breach are much more than just a bad round of press. Cyber insurance isn’t a multibillion dollar industry for nothing.
Why doesn’t every video conferencing solution encrypt calls?
Quite frankly, security and encryption are hard work and resource intensive. To be the best secure video conferencing solution, you have to constantly improve your security measures while also understanding that quality and clarity will require additional overhead for the service provider to add in the extra layers of encryption.
One reason video providers deprioritize security or make it an optional feature is to try to preserve quality. Solutions that do not encrypt by default often are concerned about performance, particularly on older devices with less raw computing power. Adding the additional encryption noticeably reduces the quality of the video stream for some video conferencing providers. Our take — don’t put yourself in a position where you have to trade off privacy and quality.
Lifesize security and encryption advantages
Security is an important consideration when partnering with any technology vendor. Our recommendation is to prioritize your active in-flight video calls and at-rest recordings with a heightened level of data security, just as you would with a cloud record keeping or file sharing technology.
Security of foundation and architecture
Lifesize operates a shared security model with Amazon Web Services (AWS) data centers to leverage third-party security and privacy certifications such as SOC and ISO27001. Lifesize has chosen to use AWS, the premier public cloud offering, and to focus on optimizing our operational efforts around a single solution implementation and not a colocation or hybrid solution.
Security of operation
The Lifesize production service operates separately and independently from the Lifesize corporate IT environment. The systems used for source control, build and continuous integration (CI) and the staging environment for quality assurance (QA) are each also maintained in separate independent environments. Read more about our processes and controls for source code management.
Security of conference room solutions and endpoints
Conference room camera security is prioritized in every solution we build. Our systems are engineered exclusively for video communications as opposed to component-based kits with general operating systems. The closed-box design does not allow others to use and/or add unsupported or malicious software.
Security of video calling
The Lifesize service, room systems and client software provide secure and encrypted video, audio, presentation (media) and call setup (signaling) in every call. Encryption cannot be disabled by either administrator or user. All calls are encrypted with no trade-off in quality. By standardizing on WebRTC, encryption is a mandatory component and applies to both signaling (via DTLS) and media (via SRTP/AES-128).
Security of audio calling
The Lifesize cloud-based solution offers a dial-in audio conferencing capability (as an optional service) delivered in partnership with industry-leading providers, enabling PSTN-to-VoIP connectivity with dedicated routes directly to the Lifesize infrastructure. Audio calls originating from the PSTN dialed toward the Lifesize cloud-based service will remain unencrypted, similar to other voice conferencing services.
Security by authentication
Lifesize supports single sign-on (SSO), and it is offered as an additional option for customers. SSO allows you to extend your own password retention, complexity and controls consistently to Lifesize. SSO also allows you to control which users have access to your Lifesize cloud-based subscription and which do not. More importantly, when using SSO with Lifesize, Lifesize authentication will occur directly between your users and your identity provider (IdP). Learn more about Lifesize SSO.
Lifesize Trust Center
For a complete overview of Lifesize's video conferencing privacy resources and collateral covering our availability, security, privacy, certifications and GDPR compliance, please visit the Lifesize Trust Center.
Ready to get started with secure video conferencing?
Whether you’re researching video conferencing for the first time or reevaluating vendors for the next phase of your conferencing and collaboration solution, security should always be a high priority component of your search. With the best security practices built into every element of the Lifesize solution and specialized features like one-time virtual meeting rooms and password protected meetings, Lifesize delivers on best-in-class quality for teams that are serious about security.
In response to the coronavirus pandemic, Lifesize is offering free, unlimited video conferencing service to all global businesses for six months. Our goal is to support businesses and employees as best we can during this difficult time and keep the world working.
Video conferencing security FAQs
Is video conferencing secure?
Not all video conferencing services enforce security and encryption, but Lifesize offers the highest level of security enabled by default.
How many IP addresses need to be accessed for video conferencing?
Lifesize has precisely defined 285 IP addresses; others require a “range of addresses” (ex: BlueJeans at 6500+ and Zoom at 10,000+ IP addresses). The Lifesize list is always up to date thanks to TTL and never needs to be reconfigured.
How do I encrypt a video call?
Encryption is done by your video conferencing software provider. Lifesize offers encryption by default and does not require users to do anything to encrypt their calls.
Will a VPN secure my video calls?
With Lifesize, you’re effectively using a VPN. Adding an additional VPN would be like adding an additional envelope to your letter and not give you any extra value. It would more likely impact your video calling performance.