5 Factors of Audio Conferencing Security to Evaluate

What concerns you most about your conference calls?  Call quality and reliability?  The success of your meetings?  What about having someone snoop on your call? 

Maybe audio conferencing security isn’t the first thing you worry about – and that’s fair.  Between all the phishing scams, malware nuisances, and potential Denial-of-Service attacks, your IT department and business are already up against mounting security threats.  Nonetheless, the risk of someone hacking your conference calls is no less of a danger, and it has become a more significant problem in recent years.

Over the past two and a half decades, audio conferencing has changed significantly.  The primary change has revolved around the development of software that utilizes web-based protocols and applications to better control and carry audio conference calls.  (Your friends here at MeetingOne were some of the pioneers in this field of “internet-enhanced conferencing”!)

Yet, when programmers began designing and building software that used facets of the internet to enhance conference calls, audio conferences became increasingly vulnerable to criminals such as hackers, script kiddies, and web snoopers.  Although audio conferencing has been greatly improved by these upgrades, it is critical you know what audio conferencing security features your provider offers.

To help you make the best assessment of your overall teleconferencing security, we’re following up our previous blog, “6 Factors of Web Conferencing Security You Need to Consider,” with a discussion on audio conferencing security. 

Threats to Your Audio Conferencing Security

Call Snooping:  As with web conferencing, the last thing you want is some random outsider listening in on your conference calls.  In Healthcare, snooping can lead to compliance issues with HIPAA, as the confidentiality of your patients’ protected information can be compromised.  Fail to comply with HIPAA, and you could be slapped with a huge fine.  For a legal firm, if someone intrudes upon your call, they could potentially damage your case and reputation – oh, and you could get sued!

---

Internal Leaks: When it comes to information security, internal leaks represent one of the most prevalent issues and threats.  Despite everyone’s best efforts to encourage comfortable and open work environments, the occasional disgruntled employee is liable to leak information about valuable business assets, acquired during a conference call.
That said, not every leak is the result of ill intentions.  Sometimes, all it takes is a careless employee, who was not supposed to be on a call, to confide a vital trade-secret to the wrong person, and your business could suffer a crippled reputation and incur financial damages.

There’s a lot you are up against, so let’s get you up to speed on audio security musts.  When it comes to knowing the necessary features of audio conferencing security, there are 5 factors we feel you should be evaluating.

Audio Conferencing Security: 5 Critical Factors

Factor #1: Securing Access

In the new era of audio conferencing, internet enhancement helps make for more productive meetings, through the use of features that manage group interactions.  These same components can double as security elements, particularly when you are Securing Access to a conference room.  Two examples of securing access are setting Conference Parameters and utilizing Access Mode Features.

• Conference Parameters: Conference parameters are broad configurations made to a conference room before the actual event.  Establishing parameters, such as maximum numbers of participants, sub-conference rooms, and inactive time, help you keep track of participant movement.  Parameters can also be extended to setting In-Call Default features, such as conference locks, which bar entrance to the conference once the meeting has begun.
• Access Modes: Access modes can be defined as the features regulating access into a conference room. Similar to airport security (minus the uncomfortable pat-downs), a basic access mode is Screening, where a Host can let in participants one-by-one.  Or a host can simply leave the conference room locked, accessible to a participant only when they are dialed-out to by that host.  (See “Factor 4: In-Conference Features” for more on “dialing-out.”)

Securing the access features of a conference room is a critical starting place for all audio conferencing security.

---

Factor #2: Defining Audio Roles & Privileges

Determining how individuals gain access to your conference rooms is of the utmost importance.  To ensure individuals have the appropriate access to your conferences, you need an audio conferencing platform that makes user authentication a major aspect for conference access.  Many of the better platforms offer Contact List or Directory features, which can be used to assign the roles and privileges that will define one’s access to audio conference rooms.

• Contact List or Directory: To define audio roles and privileges, many audio conferencing platforms use a virtual Contact List or Directory feature.  These features serve two functions: on one side, they act as a virtual repository for your contacts; on the other, they are essential for defining an individual’s access to your room.

Better Contact List or Directory features allow you to create unique identifiers for participants that pre-approve how they can interact in your audio conference rooms.  In doing so, you can keep your employee, Joe Shmoe, out of conferences he’s not supposed to attend.

Make sure to discuss with your audio provider what features they have for defining roles and privileges, and how to access these options.  Defining the roles and privileges for your conferences is often the best way to prevent snooping.

---

Factor #3: PINs & Conference Codes

There’s an unfortunate but very real fact: anyone can get a conference phone number.  With the right tools and software, that individual can then sneak into your conference calls.  To prevent these potential break-ins, it is important your audio conferencing platform offers Personal Identification Numbers (PINs) and Conference Codes as standard features.

• Personal Identification Numbers (PINs) for Host: As the title suggests, a Personal Identification Number is a unique identifier provided to a host alone.  Functioning as the key to unlocking audio conference rooms, PINs assure only hosts have access to and management of their rooms.
• Conference Codes for Participants: Designated by the host of a conference room, a conference code is a set of numbers that provides the participants a unique entrance passcode to the respective audio conference room. These codes can also be individualized, providing each participant a personalized key to enter a conference room.

Providing conference codes is likely the most important step in preparing the security of an audio conference.  Using codes helps limit two potential threats: outside conference hackers, and unwanted internal leaks.

---

Factor #4: In-Conference Features

To this point, we’ve focused on the security options you should have available for managing the configuration of your audio conferences.  But what are the features you need to keep an audio conference secure once it has begun?  Here are a few beneficial components:

• Host Dial-Out: Perhaps you are wary that conference codes won’t suffice, and you’d rather completely control attendee admittance yourself. Very wise.  With a Host Dial-out feature, you (the host) can select and contact whom will enter your conference room, and when.
• Roll-Call: Even if you are already leveraging access modes like Screening, you may still want to double check on who has entered. To do so, utilize a conference “Roll-Call.”  A roll-call feature will require attendees to record their name before entering.  As attendees enter, their names will then be listed aloud.  If “Jim Beam” is announced, and there’s no Mr. Beam in your workplace, you may want to dump them from the call (more on disconnecting participants below).  Roll-calls can also be recorded, which provides you the option to review the names of participants after the conference.
• Muting: Muting is pretty self-explanatory, but it has significant ramifications. Imagine a situation where a team member of yours is rattling off a little too much information.  Rather than let them continue, you can mute their phone.  In doing so, you can avoid a leak of valuable information.

Although you can mute everyone with phone key prompts, selecting and muting a single person requires an online audio-visual interface.  Make sure your audio provider offers such software.  (One of the industry’s first online audio-visual interfaces was MeetingOne’s Click&Meet.  We weren’t kidding about being pioneers.)

• Impromptu “Apparte”: French for, “Uh oh, Joe Schmoe isn’t supposed to hear this – move him out quick!” an apparte feature is a virtual space where you can place people who have been whisked away from the main conference room, spur of the moment (thus the “impromptu” aspect). Typically, you would isolate a participant in this way if they were not privy to confidential information during a conference.

As an example, Click&Meet’s Sub-Conference Rooms feature functions for impromptu apparte when individuals are selected by a host and moved into a different room.

• Disconnection: To manage any instance in which you feel an unwanted guest has intruded upon your call, you need a disconnection feature. Although most audio conferencing platforms offer easy means to disconnect everyone from a call, only a system with an online audio-visual interface has the functionality to disengage particular attendees.

These five features, among others, help you remove those unwanted participants or the cunning perpetrators who may sneak past the first, second, and third walls of protection.

---

Factor #5: Recordings

Can’t remember all that was discussed in your last conference call?  With the right audio conferencing provider, call recordings can be easily placed at your disposal.  Many businesses share their recordings with absent employees, trainees, and partners, so they can be aware of what was discussed during the event.  In a more recent development, doctors have been recording sessions with patients, so their conversations can be later accessed by either party.  The benefits of recordings are endless.

Regardless of how you use audio conference call recordings, it is imperative to have them well secured.  In 2012, the “hacktivist group” (i.e. a group of hackers whose activity is aimed at promoting a social or political cause) Anonymous hacked into an FBI conference call recording then placed it on the internet for all to hear.  Ironically, or not, the FBI’s conversation was regarding how they were going to handle cyber threats – particularly those of hacktivists.

Minimally, you need to make sure any recordings your audio provider stores for you are protected while at rest, or in transit, using encryption combinations.  The best methods layer symmetric and asymmetric encryptions.

With symmetric encryption, a single code is used to encrypt the data of a recording by your audio provider; then that same key is used to decipher the coded data by you.  That code word, or “key”, is a secret, shared only with your provider and you for access to a recording.

Asymmetric encryption employs keys in a slightly different manner.  With asymmetric encryption, you take advantage of two keys: one public, one private.  Being public, one key is shared between anyone who might need it.  The private key is yours alone.  Having the public key, your audio provider can send you a recording to a “lock box.”  At rest in the “lock box,” you alone can access the recording with your private key.  It’s one way in, one way out.

Overall, bundling symmetric and asymmetric methods of encryption layers the protection of your recording – a must for audio conferencing security.

---

Conclusion

Getting the most out of audio conferencing technology comes when you have the assurance of safety and security.  When you can worry less about managing external threats and internal leaks, it gives you the opportunity to focus on the success of your presentations and conferences.

Assessing the security features your audio conferencing provider offers, is critical.  If they haven’t addressed many of the above factors, all of the benefits of internet-enhanced conferencing can be undermined by the aforementioned security threats.

Over the last few decades, MeetingOne has invested a considerable amount of time and energy into refining its audio conferencing security.  This investment in audio security technologies and methodologies will always be principal to our business. We love sharing our expertise; ask how we can help ensure your audio conferencing security is up to industry standards!