Digital security, integrity, and individual ownership are important aspects of software solutions these days. Many ubiquitous web services data-mine their user base, and in many cases, this data is packaged and sold to unknown third parties.
This may seem like a small price to pay, and for individual users maybe it is, but for institutions that use video conferencing, screen sharing, and voice calls regularly, this built-in security breach is not a feature you want to start utilizing in your organization.
A surprising amount of information can be gleaned from your organization by using less secure video conferencing applications. For some, such as companies with competitive R&D goals, and universities on the bleeding edge of research, a lot can go wrong once that bulk data gets pushed up to the cloud.
Luckily, there are some common features that all state-of-the-art video conferencing solutions will most likely have in common. In the following, we will describe the most important aspects in detail.
Sending data to and from its origin and destination points is a weak point and therefore a potential risk. Luckily, using video conferencing software that will encrypt all the audio and video data being used into a garbled mess until the recipient decrypts it.
Most video conferencing solutions that use encryption do so highly efficiently with modern encryption techniques that generally don’t impair the real-time usability of the video conference itself.
If you need a central server to be running somewhere to be able to use the real-time audio, video, and screen-sharing service, then there could be security risks on the server itself. Regardless if you’re hosting the software yourself, your server might potentially be targeted for cyber attacks.
The optimal solution would be a peer-to-peer (P2P) approach, since it doesn’t have the risk of a man-in-the-middle attack. However, in video conferencing, P2P is not applicable. As soon as you are using three streams (for example, two videos and one screenshare), you need a central server to handle the communication. P2P can't support this and other advanced features. Therefore, it won't scale for any real-time application.
To ensure that the communication is secure, TLS/SSL and SHA-256 encryption should be used by the video conferencing software. The Transport Layer Security (TLS) provides cryptographic protocols designed to provide communications security. It ensures privacy and data integrity.
In detail, the TLS protocols allow communication to:
Since TLS 1.2, the military standard SHA-256 is used to encrypt communication. It's an industry standard that is considered to be one of the most secure encryption technology available. As a result, it's also required by law for use in certain U.S. Government applications and used by cryptocurrencies like Bitcoin.
The other big question aside from encryption is whether you own the software or not? In short, can you self-host this if you need to?
Most collaboration software is cloud-based, for the simple reason of easy data collection on its users. The product is the users. Sadly, the software is the hook in most cases.
With self-hosted video conferencing software you don’t have to worry as much about some central cloud computing service dragnetting all of your data and selling it to the highest bidder.
Although offering self-hosted plans, Digital Samba is fully committed to serving an optimized and secure Samba Live cloud infrastructure, to customers of all sizes. Samba Live is GDPR ready and provides transparent, easily accessible information on any privacy-related topic.
The last feature to generally look out for is the integrity of the software provider itself. Be a bit wary of entirely free services. Like mentioned before, in those scenarios usually you are the product being sold to big data brokers.
Look for straightforward monetization models. If you’re an organization that’s concerned with security and data integrity, then that’s what’s most appropriate for your needs as an organization.
Free trials may be available to lower the commitment barrier for trying out a video conferencing solution platform, but it's always good to make sure that the provider is following the rules above before committing to even using a free trial.
There’s no one single sign that does it for all your security needs. Look for software that has features including some combination of all of the above, depending on your needs.
Data breaches for hospitals, universities, and large companies are hugely costly and in some cases can put careers and lives at risk. Opening up your organizations’ communications to what is essentially a back-door being sold as a feature is a clear and obvious way to totally compromise the security of your organization’s operations.
In some cases, in the EULA, the user forfeits any information that they transmit over the platform. In these cases, intellectual property could be legally contestable, or outright forfeit depending on the rules which virtually nobody reads when they agree to abide by them. Some of these agreements are deliberately hard to read to conceal this or similar intentions against the end user.
Samba Live puts a bunch of options at the administrator’s disposal in order to try and fit a variety of needs.
For one, Samba Live supports all of the major security features illustrated above. It can be fully self-hosted if that’s what you’re after. But if you are not looking forward to taking on that task, Digital Samba is a highly straightforward and established specialist-company in the field of online collaboration. There will be cloud services available that support encryption and virtually any degree of administrative control an admin could ask for.
Samba Live itself remains very versatile while being as secure as any industry standard. Whether you are video calling from a mobile device or looking to do cloud-supported encrypted video conferencing from a meeting room, Samba Live can be configured to meet your specific organizational needs.
Clear trends are pointing towards a plethora of options that people will have when looking for the most secure video conferencing solution to suit their particular needs.
No one sign deems any particular option a one-size-fits-all solution for every need. But, depending on what priority is being considered, a user or an organization can both find what they are looking for in the sea of online options available to them. But, they can also find exactly what they are not looking for in the same sea of available options.
Digital Samba has been developing Samba Live to adapt to the ever-shifting security needs of enterprise and scaling organizations for about as long as the industry has been around. Future security threats will put very versatile, open platforms like Samba Live in demand for people who are aiming to avoid costly and potentially threatening data breaches.
EUROPEAN REGIONAL DEVELOPMENT FUND
A WAY TO MAKE EUROPE
DIGITAL SAMBA, S.L. has participated in the ICEX-Next Export Initiation Program, with the support of ICEX and the co-financing of the European Regional Development Fund (ERDF). The purpose of this support is to contribute to the international development of the company and its environment.