Hosting virtual and hybrid events has become more popular over the past few years. Everyone, from businesses to schools, to small groups of friends, have expanded to online meetings and classes, or they are now offering hybrid events. Because most people haven’t participated extensively in online events or videoconferencing until the recent past, they don’t consider these gatherings to be a security risk. Online events can be a great place for hackers to access personal data, unbeknownst to attendees. Remember the “Zoom bombings” of 2020? Though they didn’t appear to do much harm, they showed everyone that meetings are not secure without taking specific steps to keep attendees safe and intruders out.1 Like any other online activity, there are some best practices you can implement that will help to keep your online events as secure as possible.
Educate Your Participants
First and foremost, always take time to educate attendees on meeting security. If it is a more casual event, have something in writing or make a quick video explaining how and why they can be at risk when attending online events. Inform them that, apart from implementing secure protocols, they face a significant risk of having their personal info stolen and sold on the Dark Web; there is also a risk of data or intellectual property being stolen, as well as a risk of outsiders “hijacking” the event. Oftentimes people don’t take online security seriously (“out of sight, out of mind.”), and this is where major problems occur across all sectors. Educating your attendees will highlight the seriousness of security at your event and will likely carry over into how they approach future online events.
If you are a business and are conducting events with employees, we strongly encourage you to take the next step and implement security policies specific to videoconferencing, webinars, and hybrid events. CISA has a resource documenting general practices, and Cyber Magazine posted a great article earlier this year on what to look for when choosing video conferencing platforms.
Across the board, here are some helpful dos and don’ts for your online events.
Dos for hosts:
- If possible, have attendees connect via a secure VPN.
- Choose a trusted platform with end-to-end encryption.
- Hide event URL.2
- Provide one-time passcode to event.3
- Verify attendees.
- Use multi-factor authentication when possible.
- Limit sharing of screens and files from attendees.
- Use a waiting room to further screen attendees prior to entering.
- Encrypt meeting recordings.4
Don’ts for attendees:
- Don’t ignore host’s security guidelines.
- Don’t send emails to other attendees they don’t know.
- Don’t share their meeting invite, URL, or password with others.
As more and more people continue to host and attend online events, cybersecurity criminals will also continue to increase. If you haven’t already done so, now is the best time to establish secure protocols that will ensure the safety of data and devices being used in your online events. Though it may seem like a time-consuming task today, it will provide you and your attendees with safety and peace of mind well into the future and keep intruders at bay!
For help establishing and implementing your organization’s online event security protocols, get in touch and let us know how we can help!