StrikeForce and Aite-Novarica Develop Framework for Secure Video Conferencing
StrikeForce Technologies announced the introduction of an alternative approach to video conferencing security designed for modern organizations, government agencies and their sensitive collaboration needs.
The joint research-driven white paper from StrikeForce and Aite-Novarica offers a more dynamic and secure approach than those available on today’s popular video platforms. The white paper recommends new secure video classification guidelines to protect the privacy and data of video conferencing calls based on the sensitivity of the information being discussed.
This white paper calls for data during videoconferences to be treated with the same diligence and governance as information shared on other media. Data must be identified and classified according to its sensitivity and each must be protected by appropriate security. The research and this unique approach was designed in accordance with the National Institute of Standards and Technology (NIST) Cyber Security Framework, a set of core standards and best practices to help businesses develop and improve their cybersecurity posture.
“As collaborative communications become more ubiquitous, it is imperative that all organizations, both government and private, view collaborative communication platforms as a primary focus of their cybersecurity initiatives and put in place protocols to ensure their protection. complete, ”said George Waller, Executive Vice President and Co-Founder of StrikeForce Technologies.
“This is the Wild West of video conferencing and if a hacker wants sensitive information, a video call is a great place to get it because users are likely leaving a ‘door’ open. It is especially important in various critical industries and sectors that confidential information is protected. For example, financial institutions that organize video conferences relating to mergers and acquisitions cannot risk any data leakage. On the other hand, you don’t need the time and expense of a full lockdown if you are discussing the sporting events of the week. This is what we are tackling. How do you know how to properly secure each call? “
Each of the four classification levels can easily be mapped to established control frameworks (e.g. PCI, HIPAA, NIST, CISA, FIPS, GDPR) as well as organizational policies, standards and guidelines for protecting sensitive information. .
“There are governance measures and good practices regarding how data should be handled on virtually any medium except video conferencing. It just doesn’t make sense and needs to be resolved, ”explained Joe Krull, Aite-Novarica.
The high-profile security vulnerabilities associated with general-purpose video conferencing platforms underscore the need for levels of security and privacy beyond the current and expected capabilities of these products.
As remote working becomes the new normal in all industries and industries, it has dramatically accelerated the use of video conferencing tools. At the same time, privacy concerns have come to the fore. Organizations today don’t have the assurance that sensitive data and conversations won’t be exposed in virtual meetings.
The newly proposed scheme would mitigate these modern challenges, by applying a new methodology around security controls based on four levels of sensitivity. This approach sets guidelines for sorting videoconferences based on levels of proprietary information or necessary levels of confidentiality. It recommends individual actions relating to each priority level of the conference.