Videoconferencing: Think Twice Before Hitting 'Record'After Rushed Adoption, Kroll's Alan Brill Says Security and Privacy Must Catch Up
Because so many workers now work from home during the COVID-19 pandemic, videoconferencing has become essential. But in this rush to communicate remotely via tools such as Zoom, WebEx, Skype, GoToMeeting and Teams, what unintended privacy and security consequences might organizations be facing?
"I want to warn people about potential problems so they can think about how those problems might impact what they're doing on a day-to-day basis and perhaps have a talk with their counsel, have a talk with their risk managers, have a talk with their HR people, to come up with a solution that meets their particular needs for their particular set of locations, types of calls and rules," says Alan Brill, senior managing director in cyber risk practice at the consultancy Kroll.
"The first rule is to engage your brain before you engage the record button," he says. "And think about whether this is a meeting that should be recorded."
In a video interview with Information Security Media Group, Brill also discusses:
- Potential privacy and security problems posed by the surge in work-from-home employees relying on videoconferencing;
- How recordings become a business record and thus may be a treated as evidence during litigation or requested by regulators;
- Steps organizations must take, including mitigating potential data breaches by carefully determining what to record and knowing where all recordings get stored and how they're safeguarded.
Brill is a senior managing director with Kroll's cyber risk practice. As the founder of Kroll's global high-tech investigations practice, he has led engagements that range from large-scale reviews of information security and cyber incidents for multibillion-dollar corporations to criminal investigations of computer intrusions.