Volver

Videoconference: Governmental Framework and Cybersecurity

  • Videoconferencing has become part of our daily lives.
  • Videoconferencing is required for contracting financial services.
  • Common video conferencing security concerns
  • How to create secure videoconferences
  • The government cybersecurity framework
  • Benefits of enhancing enterprise video conferencing security

Videoconferencing is increasingly used on a daily basis. Not only for the labor sector, which is the most advanced, other areas of human endeavor are joining the advantage of attending to matters remotely. The contracting of financial services, for opening and requesting products through videoconferencing, is one of the novelties that emerged in the pandemic.

As always happens, the growth attracts the attention of criminals who do not hesitate to violate the security protocols of the most common apps and forced the states to reform the legal framework for the use of these tools.

Office invades home

In the United States, remote work is already a matter of national security, as reported by the National Security Agency (NSA) in its most recent report on the security of the 13 most common videoconferencing apps. The information disseminated through the millions of hours of virtual meetings of companies working remotely in that country is very valuable at the federal level.

“Two worlds that we thought were separate have collapsed: the home and the office. While before there was a delimited space and time for work life and coexistence, separated from home life, the office invaded the home space, and we began to live a continuum of space and time between both worlds”.

So assures the study on the socioemotional impact on covid-19 times by the research agency Dinamia.

Financial services are just a click away

The pandemic impacted the banking sector, which reacted to avoid a major crisis. The Ministry of Finance and Public Credit and the National Banking and Securities Commission issued a document with the new temporary administrative facilities for the contracting of remote financial services.

This agreement allows the contracting of financial services with the opening of level 4 bank accounts for up to 30,000 UDIs per month through a video recording where the client’s identity is verified or a new client is entered into the system.

The applicant has the option of making a 30-second continuous video in which he/she validates his/her identity by showing his/her INE and performing various life tests in accordance with the guidelines established by the institutions and using biometric facial recognition tools with encryption mechanisms in the communication channels.

Financial institutions are responsible for providing the necessary tools and describing in detail the technological infrastructure used to carry out their process as well as the technology providers involved.

The new non-face-to-face identification processes allow individuals or companies to contract high-level financial services by appointment or by downloading an app. One of the advantages of videoconferencing, but also a call to companies in the banking sector to verify the security measures of their systems.

Cybersecurity, the issue of greatest concern

Cybercrime attacks have not diminished since the beginning of the pandemic. As active cases of covid-19, the vulnerability of the systems of companies, banks, government offices, shopping apps or videoconferencing, continue to increase and efforts seem insufficient.

Among the most important concerns of fintech companies is protecting business secrets, making end-to-end encryption convenient for handling confidential information.

Many companies worry about video conferences being intercepted by third parties and classified material being distributed. A corporate espionage network is growing through the deep web. Criminals are willing to hand over important information to competitors for a good amount of virtual currency.

Safe videoconferencing is a reality

Beyond the efforts of each videoconferencing app to keep its protocols inviolable, companies are opting to reinforce security measures either through security tips or by adding extra software to their communication systems.

Videoconferencing with extra shielding

Securing the meeting and requiring authentication

Meetings via video conferencing can be easily hacked if they do not have a minimum authentication factor, such as a password. A basic tool in every application that allows only those who enter the correct password to be accepted into the meeting.

Authentication is also important and can be done manually by asking the guest to turn on their camera to verify their identity; and even mandatory with facial recognition software.

Companies such as ReconoSER ID through its Meeting ID product, which works with Zoom, offer extra cybersecurity services by allowing the administrator to request biometric facial recognition to verify people’s identity.

The system allows creating Zoom meetings with a higher layer of security by biometric validation of the guest with life proofs such as smiling or opening the mouth to prove identity and allow access to the videoconference.

Other ways to secure videoconferencing sessions

One of the ways to secure the content of the meeting is to disable the screen sharing feature, so that inappropriate, violent, racist or political content will not be played in any type of meeting via video conferencing.

Similarly, preventing third party links from being shared in the meeting chat ensures that the system is not compromised with a virus or even inappropriate material that can be used in a negative way.

Personal security, be careful what you share

Companies may be able to establish advanced cybersecurity protocols for their videoconferencing mechanisms, but what they cannot avoid are the carelessness of their employees that lead to security problems.

Establish a corporate wallpaper or blur the background when answering a business call. Avoid at all costs displaying personal information in the background of the videoconference frame such as family photos or where you live.

Be very careful with the information you have open when sharing your screen, avoid displaying personal data such as banking information or home address. Cybercriminals are on the hunt for this type of data to commit fraud and identity theft.

Review settings and activate alerts

Security options are different for each videoconferencing app, so it is important to review the configuration of each one and choose the one that suits the needs of each meeting. Sometimes simply choosing a strong password can prevent hacking attempts.

Another way to keep videoconferences secure is to activate alerts for when invitations to virtual meetings are forwarded. Keeping control of the rooms allows them to be kept secure.

Keeping software up to date

As important as any security measures employed, keeping your software up to date keeps you up to date with the security protocols of any video conferencing service provider.

It is recommended that you turn on automatic mode for any updates, or check from time to time to see if you have the latest version of the app in use. Large companies spend thousands of dollars combating weaknesses in their systems, regularly finding and repairing deficiencies. Updated systems have all the security patches used by the cybersecurity areas that support them.

Legal framework under construction

Unfortunately the law in Mexico still does not protect citizens from cybercriminals, Congress is still debating how it will deal with current and future attacks.

Several law initiatives have been presented since 2015 when the need to prepare for cybercrime was recognized. The Federal Law to Prevent and Punish Computer Crimes of 2015; the Computer Security Law of 2019; the General Law of Cybersecurity which governs us and was proposed to be reformed this 2021.

The cyber risk map is growing every day and the Mexican Congress is still debating how to deal with them in a legal framework. The last reform proposed in March 2021 was severely questioned for criminalizing the daily use of the Internet.

The challenge is to legislate without infringing on people’s individual rights in order to provide the population with a system focused on protecting the identity of companies, people and reducing the growing numbers of cyber fraud that have Mexico as the country with the highest risk in Latin America and number seven in the world according to the report Fintech App Marketing Insights: LATAM Edition 2021 by the firm Apps Flyer.

Benefits of redoubling videoconferencing security efforts for the financial industry

Given that there is no adequate federal regulation for the use of videoconferencing apps, the risk is latent and it is important to consider each of the recommendations outlined above to increase the security environment of a virtual meeting.

The sector is the most exposed to the theft of confidential information, extra security measures such as Meeting ID from the Colombian startup ReconoSER ID are welcome for those who need to reinforce authentication in their meetings.

The financial sector resorted to videoconferencing because of the need to grow the business, the path has already been opened and cybercrime is preparing to commit crimes at any available window. Redoubling efforts in cybersecurity is essential for the correct use of information technologies and products such as Meeting ID adapt to the needs of the market.

By Alfredo Gutiérrez Bayardi

Videoconferencias

Bibliography

Dinamia Investigación Social Estratégica. (2021). Radiografía del Impacto Socioemocional del Home Office en tiempos de Covid-19. 2021, de Dinamia Investigación Social Estratégica Sitio web:
https://dinamia.com.mx/estudios-de-opinion/

Kaspersky. (2020). Videollamadas y videoconferencias en línea: cómo mantenerse a salvo de los hackers. 2021, de Kaspersky Sitio web:
https://latam.kaspersky.com/resource-center/threats/video-conferencing-security-how-to-stay-safe

National Security Agency NSA. (2021). 2021 Cyber Management Review Hosted at Fort Meade. 2021, de NSA Sitio web:
https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/2847320/2021-cyber-management-review-hosted-at-fort-meade/

TechBit. (2020). En videollamadas entregas más datos de lo que crees. 2021, de El Universal Sitio web:
https://www.eluniversal.com.mx/techbit/en-videollamadas-entregas-mas-datos-de-lo-que-crees

Antonio Gil Moyano . (2021). Seguridad en aplicaciones de videollamadas: Microsoft Teams, Zoom y Google Meet. 2021, de Telefónica Tech Sitio web:
https://empresas.blogthinkbig.com/seguridad-aplicaciones-videollamadas-microsoft-teams-zoom-google-meet/

Jersain Llamas Covarrubias. (2021). Análisis de la iniciativa que expide la Ley General de Ciberseguridad, presentada el 25/03/2021. 2021, de Foro Jurídico Sitio web:
https://forojuridico.mx/analisis-de-la-iniciativa-que-expide-la-ley-general-de-ciberseguridad-presentada-el-25-03-2021/

Article19.org. (2021). Propuesta de Ley General de Ciberseguridad criminaliza el uso cotidiano de Internet y tiene capacidad de censurar la crítica. 2021, de Article19.org Sitio web:
https://articulo19.org/propuesta-de-ley-general-de-ciberseguridad-criminaliza-el-uso-cotidiano-de-internet-y-tiene-capacidad-de-censurar-la-critica/