Web Conferencing Standards for Privacy and Security
As the use of Web conferencing has grown, both companies that participate in it and the companies that provide Web conferencing software and hosting services have recognized the need for Web conferencing standards for privacy and security.
Web conferencing privacy protects personnel records, as well as the private information and participation of individuals involved in a conference. Web conferencing security protects information that a company or government agency doesn't want to share because it could affect the company's plans or profits, or national security. Web conferencing standards would help to protect both of these needs.
As with any activity that uses the Internet, Web conferencing comes with the risk that hackers and company rivals may listen in on a conference or take information from it. During a Web conference, data is stored temporarily on a shared Internet server -- belonging either to the company itself or to the company providing hosting services. That's the time when the data becomes most vulnerable to theft.
As protection, most Web conference hosting companies take a three-part approach to data security during a Web conference:
While each hosting company has its own security architecture, they all conform to informal industry standards. Internet standards -- like those for Web conference security -- often are based on specifications developed by the Internet Engineering Task Force (IETF). Manufacturers, Web hosting companies and others then voluntarily agree to standards and follow them.
Recognizing the need, the IETF set up the Centralized Conference Working Group (XCON) in 2003 to recommend standards for Web conferencing. XCON is developing a standardized suite of protocols for multi-media conferences where strong security and authorization requirements are needed. While XCON is still working on parts of this, companies are using some completed recommendations in their security architecture. That's why you may see XCON mentioned in hosting companies' descriptions of their security systems.
As the host of a Web conference, you can take action to make sure the conference has adequate security. Here are some things you can do:
Finally, don't stop thinking about security when the conference ends. For example, make sure a hosting company deletes confidential data from their server immediately after the conference. Limit access to the recorded conference and, if you're providing a podcast of the conference, edit carefully to remove sensitive information.
Next, let's consider the Web conferencing options available for solo entrepreneurs.