When looking for a conference call service provider, the common qualities that are often prioritized are affordability and user-friendliness. What about security? Although companies spend a lot of their budget in increasing network security and keeping sensitive company information confidential, having a secure conference call isn’t as prioritized. This might seem odd but believe it or not, most companies perceive it as the norm. Conference hosts have the tendency to be a bit lax in governing their calls which was put to light by a 2015 LoopUp survey:
99% of conference participants confessed to being unaware on who was in attendance and 93% mentioned that confidential information was sometimes shared during these meetings.
This means that, although unintentional, sensitive data might have been leaked to unauthorized participants.
There have been multiple cases in the past that showcase this lack of security. One infamous example took place in 2012 — a conference call hosted by the FBI to investigate a certain hacker group was hacked by that very same group¹. Not only did they listen in on the call, but they also secured a recording which they then posted online for all to hear. Another case occurred during the 2008 presidential primaries where Obama’s campaign lawyer managed to join unnoticed in a conference¹ hosted by the Clinton camp.
These might be pretty extreme cases, but the same thing can happen in a business setting. Since conference calling has become commonplace, there are increased risks when using it without proper security measures in place.
What are some of the threats to conference calls?
1.) Uninvited or Unwanted Guests
The last thing anyone would want in a conference call is an unwanted guest listening in especially when part of the meeting agenda is discussing sensitive information. Uninvited guests fall under two categories: unintentional and intentional.
Unintentional joiners might seem harmless enough - but there’s reason to be cautious of people who intentionally try to sneak into calls. Malicious intent cannot be completely ruled out in instances like these, and they often have one goal — to steal confidential information and use it to their advantage against the company hosting the call.
This is especially risky and dangerous for legal firms since there’s the apparent threat of damaging the case and the lawyer or firm’s reputation. There’s also the possibility of getting sued. Client information might also be at risk which can damage a company’s good name and credibility.
2.) Information Leakage
As mentioned earlier, cases where hosts were unable to keep track of who’s in the call or not are not uncommon. As a result, the possibility of having unauthorized people hear about company secrets increases. Situations like these are most likely caused by sending dial-in details to an unchecked distribution list or wrong recipients.
There’s also the case of internal leaks which can either be through sheer carelessness or just outright ill intentions. Although conferencing has become common, there are still users who have difficulty hosting as it may be cumbersome and requires a lot of coordination and multi-tasking. As such, a distracted host is prone to making mistakes and may unintentionally release sensitive information during a conference call.
When left alone, these threats can have great repercussions that put the company at a great disadvantage. Thankfully, there exists multiple measures that can ensure the security of conference calls. Some conference call services can provide each participant a unique pass code that expires when used once. Moreover, as an added layer of security, newcomers can be screened first to verify their identity before they can join the live call. Another feature that prevents unwanted guests from joining is a dial-out feature where operators simply dial out to participants and then connect them to the conference. For hosts who want to focus purely on facilitating the call, they can opt to using operator-assisted calls to make sure that calls run smoothly.
By keeping conference calls secure, the possibility of threats from happening is eliminated and allows a company to fully take advantage of conferencing and its various benefits.
Sources:
http://loopup.com/app/uploads/2016/11/Research-Now-2015-Survey.pdf¹