Recently, the issue of security in telepresence and video conferencing has been raised as more businesses are adopting the technology to communicate intercompany business and other high level information to customers, partners and employees. Even though consulting groups and analysts agree there is a not a big risk today, as enterprises leverage the technology to connect more endpoints, mobile devices, audio-only systems and collaboration applications, they feel the risks will increase. This prompts a greater demand for security strategies in video conferencing. BrightCom, performance leader in integrated telepresence and video conferencing, discusses security strategies and how systems that are tightly integrated into existing enterprise security infrastructures can provide a layered system of security.
According to Bob McCandless, CEO of BrightCom, “Video conferencing security strategies must consider a layered approach to security to reduce the risk of infiltration and corruption. These levels are located at the physical hardware, the video conferencing system and enterprise directory services.”
Mr. McCandless argues that the most important layer is the physical security of the video conferencing hardware. Without proper storage security, equipment is at risk of being damaged or connected to digital video recording devices, providing anyone access to important video and data communication.
Security at the video conferencing system level is found in video conferencing or telepresence devices whether it is an MCU for traditional video conferencing systems, PC for systems such as Skype or in BrightCom’s Visual Collaboration System’s (VCS) client/server architecture. Here most systems encrypt of the video, audio and data streams using Transport Layer Security (TSL), Secure Socket Layer (SSL), standard web encryption schemas and Advanced Encryption Standard (AES) encryption to block access to data.
Encryption is used as a method or key that is restricted for the purpose of shielding the data from some people while making it available to others. While inherently encryption is similar to encoding in that they both alter the way data is presented, encoding converts data into symbols that may not be necessarily secret.
Today, most video conferencing vendors including BrightCom, Polycom, Tandberg and LifeSize use Advanced Encryption Standard (AES) encryption to obfuscate video, audio and data streams for security over public or private networks.
“For added security at the conferencing system level, many video conferencing vendors tend to refer businesses to the network service providers who in turn will suggest session border controllers for control over call admissions,” stated Bob McCandless. “BrightCom however goes one step further with tighter integration with enterprise directory services.”
The third level of security is provided at the enterprise directory services level integrating the conferencing system with the enterprise class security infrastructure to adhere to all of a business’ existing security policies.
“While AES encryption will support a level of security that will protect video communication from your everyday, run of the mill hacker, people with a higher level of skill in programming can easily use packet sniffers to breach the video and audio streams, continued Mr. McCandless.
“Because BrightCom approaches its offerings with an enterprise class, server based infrastructure that combines with process based conferencing endpoints,” said Mr. McCandless, “it creates a client/server model that can be directly integrated into corporate infrastructure for a higher level of security. Traditional telepresence and video conferencing vendors that use Multipoint Control Unit (MCU) infrastructure paired with firmware based conferencing endpoints are limited in directory integration.”
BrightCom’s approach allows secure access to the video conferencing system, requiring participants to login at BrightCom endpoints or remote laptops and desktops with the same credentials as their company’s LDAP directory infrastructure. Access to meetings rooms, people and functions such as meeting administration, scheduling, and recording can depend upon the predetermined permissions set within a person’s login information. When participants schedule meetings within the BrightCom VCS, meetings can be set as public, private for only registered users or private with security code for registered users.
The same applies for document management and content access and modification. Using the client/server architecture can easily allow for adding or removing relationships and roles dictating who can open and share specific documents, images or video clips. With firmware and MCU based conferencing systems, content management and role based security cannot exist since all data is streamed as video through the H.239 protocol.
“The flexibility of the software based platform of VCS allows for the same security protocols to be leveraged in the conference room that are applied to a enterprise level router, firewall, gateways, DMZ and other network security areas,” said Mr. McCandless.
BrightCom’s client/server infrastructure is also able to stay current with changing security standards with one touch upgrades. All the telepresence or video conferencing endpoints and web clients are able to be upgraded via the server without any physical maintenance. In opposition to this, traditional MCU or firmware based endpoints need to be replaced in order to have the most up to date enhancements or features.
BrightCom (brightcom.com) specializes in creating flexible and affordable video and telepresence conferencing solutions. With unique integrated data and video conferencing solutions, BrightCom offers a wide range of options to connect people and content from home offices, mobile devices, desktops or conference rooms. BrightCom’s Visual Collaboration System provides a powerful conferencing infrastructure for real-time interactive data sharing. BrightCom’s Lumina Telepresence allows for instant business communication empowering businesses with a fully immersive environment for natural collaboration and conversation. BrightCom’s ClearView Conferencing solutions allow for crystal clear HD or standard video and audio broadcasts giving business the face to face connection vital for effective communication. To learn more about BrightCom’s quality telepresence and video conferencing with in-depth collaboration features but without a costly investment on bandwidth upgrades, call or visit the website.