Securing Virtual Meetings
While Microsoft Teams is the preferred and recommended solution for virtual meetings, some units may choose to use other virtual meeting platforms that allow users to perform a variety of tasks together, including video chats & remote presentations. Regardless of the platform used for virtual meetings, you should take steps to secure your meetings and video chats against cyber-intruders.
Why Secure Meetings are Important
As more users switch to virtual meetings, they have reported an uptick in meeting attacks. These attacks generally consist of uninvited guests taking control of the meetings and sharing explicit imagery. Adjusting security settings will help reduce the likelihood for these types of attacks. The settings may vary depending on the platform you are utilizing, so be sure to seek guidance from the vendor or OIT if you're having trouble determining how to configure recommended security settings. Additionally, OIT's help and resources for Microsoft Teams provides instructions for enabling the recommended settings outlined below.
- Set meeting passwords. By setting a password for your meetings, then only users who have the password can access the content you are presenting.
- Only share meeting link with the intended audience. Attacks often occur because end users publicly post their meeting links which allow direct access.
- Use the waiting room feature. If available, use a "Waiting Room" feature that allows the host to control when a member can join a meeting. As the meeting host, you can admit participants one by one or hold all members in the waiting room and admit them all at once.
- Set an alternative host. The co-host feature allows users to share their ability to host with another user in a meeting or webinar. This can be useful to allow another user to manage the administrative side of the meeting, such as muting participants or starting/stopping the recording. This means that instead of having to both present and be the “admin” of the group, you can delegate the position to someone who could closely monitor the group chat more consistently
- Set recording to only be enabled by the meeting host. To prevent others from recording the meeting without your consent or knowledge, configure the meeting so that you as the host control the ability to record the meeting. Additionally, screen capture or recording of meetings, chats, or screen sharing within these virtual meeting platforms for collaboration with sensitive data is not recommended. When considering recording meetings that discuss HIPAA, FERPA, ITAR or other regulated/sensitive data types, it is recommended that the meeting owner consult with the Information Security Office to ensure appropriate data handling. For additional information, be sure to check out OIT's instructions for using Microsoft Teams with sensitive data.
- Disable the ability to join the meeting before the host. The ability to join a meeting before the host allows attendees to join the meeting before the host joins. By disabling this function, users with access to the meeting cannot take over the host role.
- Host only screen sharing. Ensure that screen sharing in meetings is limited to the host. You can change this if you need to allow other attendees to share their screens. The “Host-Only” option makes sure that no one else can control your presentation or classroom.
- Keep your virtual meeting platform updated. As security issues are discovered, new updates will be available for your application. It is important to regularly update applications to keep up with these fixes.