We spoke to Pexip’s Head of Engineering Americas, Kyle Forney, about the changing cyber security needs and expectations among customers, and how this impacts their video conferencing decision-making.
The tides are changing and the “it’s not going to happen to us” mentality is fading fast. Cyber security has found its way to the top of the risk management agenda, and companies are thinking twice before deploying any sort of technology across their organizations. We live in the age of cyber awareness, and IT departments today are making key considerations to protect their companies’ often sensitive video conferencing data.
“These days, almost all organizations see their data as a valuable natural resource that needs to be protected. We see security breaches and ransomware attacks occurring across industries – at enormous costs to the organization, both financially and reputationally,” says Kyle.
Each organization has different levels of concern, Kyle explains, depending on the industry they’re in or the type of data they store. Based on their risk profile, companies can opt for various approaches to video conferencing, specifically in terms of how they host the service and manage the data.
“Healthcare is one industry that is strictly regulated in terms of data, especially here in the U.S. with HIPAA. This means that healthcare actors can’t use a run-of-the-mill video conferencing system, they require something that meets their compliance requirements and handles confidential patient data in the right way.”
For those who’ve set cyber security as a top priority, such as healthcare industry or government, these players typically opt to host their video conferencing solution in a sovereign cloud or as a self-hosted solution on-premises. This ensures complete data control and the containment of the data within the sovereign borders of the country.
Another consideration that privacy-focused companies are making is related to personal identifiable information (PII). These organizations simply cannot divulge any data that would give threat actors clues as to how to access their network systems. This type of data may include usernames, passwords, or even IP addresses – information that could be obtained by breaching a video conference.
“For organizations that need to minimize the risk of a data breach, it’s important to consider various hosting options for their video conferencing solution. In addition, it’s advisable to take a very close look at how that video conferencing provider handles your confidential data, where that data travels, where it’s stored and who has access to it.”
Business continuity is another important topic among security-focused customers these days, according to Kyle. Some businesses are so dependent on the ability to communicate via video, that they can’t afford a system failure. To prevent the worst case scenario, they need a back-up solution, always at the ready.
“If your primary video solution goes down, you could be out of business. It can be a huge mess for the company. You need to have a secondary system in place, so that as soon as one system goes down, you can simply flick on the back-up system and continue hosting your video calls.”
Being a security conscious organization can often feel like a tug-of-war between security protocols and fun features that users enjoy. It’s important that an organization takes a hard look at its own risk profile and finds the right balance between security measures and meeting features in their video service of choice.
“We at Pexip shine brightest among customer bases that have invaluable information,” adds Kyle, “the companies who have classified data that simply cannot leak.”