In most organizations, the only meetings happening right now are virtual meetings. Thankfully, the National Institute of Standards and Technology has come up with some best practices for virtual meeting security.
Note: there are low, medium, and high risk conference calls based on the content. The higher the risk, the more of these steps you’ll want to implement.
- Limit reuse of access codes; if you’ve used the same code for a while, you’ve probably shared it with more people than you can imagine or recall.
- If the topic is sensitive, use one-time PINs or meeting identifier codes, and consider multi-factor authentication (MFA).
- Use a “green room” or “waiting room” and don’t allow the meeting to begin until the host joins.
- Enable notification when attendees join by playing a tone or announcing names. If this is not an option, make sure the meeting host asks new attendees to identify themselves.
- If available, use a dashboard to monitor attendees—and identify all generic attendees.
- Don’t record the meeting unless it’s necessary.
- If it’s a web meeting (with video):
- Disable features you don’t need (like chat or file sharing).
- Before anyone shares their screen, remind them not to share other sensitive information during the meeting inadvertently.