More people than ever before are video conferencing and video calling, using apps and services they’ve not used before or have only used for personal purposes.
As an organisation, your challenge is to enable the workforce to use these technologies, but in a way that is safe, secure and ensures an adequate standard of data protection.
The idea is to make sure that nothing personal or sensitive is shared without a person’s consent, and you don’t put your organisation in a situation where personal or sensitive data is leaked. You need only look at data breaches in the headlines to understand the impact they can have on your finances and reputation.
Read on for data protection tips to share with end users, as well as tips for those of you overseeing the technologies used in your organisation.
Tips for end-users:
Use your device in a safe location
Place it somewhere you can keep sight of it and minimise who else can view the screen, particularly if working with sensitive personal data. Also, keep an eye on what (or who) can be seen from your camera, and be sure to log out, mute, or turn off video, as appropriate, when you leave or take a break.
Consider the data protection and privacy rights of others
Ask before you post or share a picture or video of a video-call that contains their image, voice, and/or contact details. Don’t just assume they’ll be happy for you to share!
Don’t mix work and personal use of tools
Use work accounts, email addresses, phone numbers, etc., where possible, for work-related video conferencing to avoid unnecessary collection of your personal contact or social media details.
Be aware of privacy settings on messaging apps
Avoid sharing company data, document locations or hyperlinks in any shared ‘chat’ facility that may be public, as these may be processed by the service or device in unsafe ways.
Make sure that any device has the necessary updates, such as operating system updates (like iOS or Android) and software/antivirus updates.
Stick to your IT policy
Only use your organisation’s trusted networks or cloud services, and comply with any organisational rules and procedures about cloud or network access, login and data sharing.
Tips for IT leaders:
Implement security controls
Use effective access controls such as multi-factor authentication and strong passwords. Where available, use encryption to restrict access to the device and to reduce the risk if the device is stolen or misplaced.
Update your IT policy
Where video conferencing services are used, have a consistent policy regarding which services are used and how. Offer services through VPN or remote network access where possible.
Customise permissions in collaboration software
Being able to control who can join (or initiate) meetings will help protect the confidentiality of the discussions and prevent unwanted interruptions. Unauthenticated users could be required to enter a passcode.