During the coronavirus pandemic, online meetings become more important and popular for us to keep connecting with people and maintaining our works. However, new attacks targeting online meetings and users also increase rapidly, so it is recommended to follow below DO and DON’T list to protect your data from cybersecurity threats.
For Meeting Host
√ Do use the latest version of the software
Always use the latest version to update fixes for those exploited vulnerabilities.
√ Do protect your meetings with Password
Set a password mandatory for your meetings to protect against uninvited participants and to secure all the information related to the meeting.
√ Do use waiting room features
Put participants in a separate virtual room before the meeting and allow the host to admit only people who are supposed to be in the room.
× Don’t share links to meetings or classrooms via social media
Invite attendees from within the video conferencing software or CUHK O365 email, and tell them to not share the links.
× Don’t allow participants to screen share by default
Your software should offer settings that allow hosts to manage the screen sharing. Once a meeting has begun, the host can allow specific participants to share when appropriate.
√ Do verify participants
Check the attendee list during the online meeting. Reject those uninvited participants to prevent intruders able to get in or becomes unruly.
√ Do lock a meeting
Do lock meeting once all the participants have joined the call. However, if a valid participant drops out, be sure to unlock the meeting to let them back in and then re-lock it after they return.
× Don’t record meetings unless you need to
If you do record a meeting, make sure all participants know they are being recorded (the software should indicate this, but it’s good practice to tell them too) and give the recording a unique name when you save it.
For General User
√ Do Use the Latest Version of the software
Always use the latest version to update fixes for those exploited vulnerabilities.
√ Do Verify Meeting Invitation and Meeting Links
Verify the meeting invitation is sent from known and trust sender. Check the meeting links by mouse-over the link instead of clicking on it. Beware of malicious links with suspicious extension, e.g. “.exe”, since it may contains malicious malware.
√ Do Review Your Security Settings
Review and enable appropriate security and privacy settings of your computer and software to prevent attackers from exploiting known vulnerabilities. Please follow the Guidelines for security configuring your computers.
√ Do Keep your Privacy
Make sure you are not accidentally sharing anything confidential on your laptop or in your background. Make use of virtual backgrounds helps.
√ Do Report Suspicious Activities
Report any suspicious activity to the meeting host or ITSC for assistant if necessary.
In addition to the above tips, more Information Security Best Practices can be found at ITSC website.
Let’s stay Safe, stay Healthy, and stay SECURE to enjoy technology brings you convenience.
References:
Apr 2020
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |