• English
  • Svenska
Join any meeting from Microsoft Teams Rooms. Available now
Pexip-Logo-Blue-RGB
Products
Products
Pexip Connect Meeting room interoperability Pexip Secure Meetings Secure video conferencing solution Pexip Video Platform Self-hosted platform for custom solutions Pexip Secure VPaaS NEW Platform-as-a-service for custom solutions Pexip Engage B2B and B2C scheduling engagement
Downloads
Apps For Windows, iOS, Android Platform For private self-hosted deployments
How to buy
Find the right plan and product for your organization's needs. 
Plans and pricing
Solutions
By industry
Government Enterprise Financial services Healthcare Defense Judicial Retail
By need
Standardize on Teams Join Teams meetings from any device. Teams Rooms interop NEW Join any meeting from Teams Rooms. Zoom Rooms interop NEW Join Teams meetings from Zoom Rooms. Private AI platform NEW Deploy self-hosted AI Meet and collaborate securely Personalize customer engagement
Pexip for Poly solutions
A unified experience in a flexible and scalable way while maintaining strict security protocols.
Read about the alliance
Developers
Developers
Developer portal Forum Training Documentation System status
Technology
Partnerships
Microsoft HP Poly NVIDIA NEW Zoom NEW Cisco NEW Google Technology integrations
Advantages
Technology differentiators Self-hosted video meetings Zero trust architecture
Trust center
Plans
Resources
Contact
Help center Book demo

Access control in regulated industries

Learn how to build and maintain appropriate levels of access control for video meetings in regulated industries:

  • Control meeting access (ABAC/RBAC)  
  • Enable continuous authentication 
  • Automate meeting classification labels
Access-Control-ebook-hero-landing-page

Jump to section

Implementing access control in video conferencing Common access control methods Technical overview Use case: secure meetings in the defense industry How Pexip solves access control challenges Implementing access control with Pexip

Implementing access control in video conferencing 

 

 

Today, video is the way work is done, in nearly every industry. Secure communication on video is paramount, particularly in industries that handle sensitive and often confidential information, such as military, defense, intelligence, and other highly regulated sectors.

 

In these situations, risk of unauthorized access is deemed unacceptable, requiring the organization to take strict precautions in terms of securing its meetings. This eBook delves into the details of access control in video conferencing, offering a comprehensive guide to safeguard your virtual meetings. 

 

Access control is a fundamental aspect of secure video conferencing. It involves restricting and managing who can access your video meetings, to ensure that only authorized participants are present. This is essential for maintaining privacy, security, and compliance with relevant regulations based on industry, region, as well as internal policies.  

 

Knowing who has access to your video meetings goes beyond simply knowing the names of the participants. Rather, it’s about ensuring that each participant has the appropriate level of access and that unauthorized participants are kept out of the meeting. This layer of security is essential for preventing data breaches and maintaining the integrity of sensitive communication.  

Key components of access control

frame_person

Authentication

Verification of the participants’ identities, often the ‘first line of defense’.

shield

Authorization

Granting or denying access based on the participants’ roles or defined attributes.

lock

Encryption

Securing the communication channel to prevent eavesdropping.

search_check

Logging and monitoring

Tracking access attempts and meeting activities.

Common access control methods

There are several methods employed to control access to video meetings.
Here is an overview of some of the common access control methods and their definitions:

Unacceptable risk environments

These are meetings at the highest security level, in which risks to security could be catastrophic in impact. In addition to the methods mentioned above, unacceptable risk environments may require these additional forms of access control: 

  • Biometric authentication: A security mechanism that uses biometric features such as fingerprints or facial recognition to access the meeting.  
  • External identity provider (IDP): An external service that manages user identities and can be integrated with the video conferencing system to authenticate users.   

High risk environments

These are meetings in which private and/or confidential information is exchanged. In addition to the methods mentioned above, high risk environments may require these additional forms of access control: 

  • Multi-factor authentication (MFA): Requires two or more verification methods, such as a code sent to a mobile device.  
  • Policy engine: This gives the organization the opportunity to control access over how network resources and organizational data are used. This can be done through:
    • Role-Based Access Control (RBAC): a security mechanism that assigns permissions based on the roles within an organization, rather than assigning permissions to specific users directly. Each role is equipped with certain access rights, and users are then assigned to these roles, effectively granting them the permissions associated with those roles.
    • Attribute-Based Access Control (ABAC): a security model that grants or denies access to resources based on attributes associated with the user, the resource, the environment, and the action being taken. Unlike role-based access control, which uses predefined roles to determine access, ABAC uses policies that evaluate attributes to make decisions. This allows for more granular, context-aware access control that can consider a wide range of attributes, such as location, time of day, or transaction history, thus offering a more dynamic and flexible approach to securing resources. 
  • One-time meeting link: This ensures that meeting links are only valid for a single use-case and not available for re-use in a series of meetings, for example.  

Moderate risk environments

These include typical business meetings in which no confidential information is exchanged. In addition to the methods mentioned above, moderate risk environments may require these additional forms of access control: 

  • Single sign-on (SSO): Integrates with existing authentication systems to streamline access control.  
  • PIN code access: In addition to password, requiring a PIN code can provide an additional layer of protection.  
  • Waiting rooms: Participants are placed in a virtual waiting room until the host admits them. 

Low risk environments

These meetings represent the everyday video calls between friends and family members, primarily of a personal nature.  

  • Password protection: Passwords are a simple and effective method to create a first layer of security, requiring participants to enter the right password to access the meeting.  
  • Invitation-only access: Meetings can be restricted to only those who have been invited, limiting participation to pre-approved individuals.  

Technical measures to ensure control over video meeting data

Access control in video conferencing requires various technical measures to ensure robust security and control over video meeting data. Here is an overview of some of these mechanisms:

Encryption

End-to-end encryption (E2EE) ensures that only the communicating users can read messages. This prevents potential interceptors, including service providers, from accessing the content of the meetings. 

Identity and Access Management (IAM)

IAM frameworks help manage user identities and regulate access. This involves integration with directory services like lightweight directory access protocol (LDAP) or active directory, and the use of single sign-on (SSO) and multi-factor authentication (MFA).  

  • SSO: By integrating the video platform with identity providers using standards like SAML 2.0 and OpenID Connect, users are able to log in using their existing corporate credentials. This simplifies the process and ensures that only authenticated users can access meetings.  
  • MFA: MFA offers an additional layer of security when verifying user identities. This could involve sending a code to a user’s mobile device or requiring biometric verification, to enhance security beyond name and password.  

Secure meeting URLs

Generate unique, expiring URLs for each meeting as a mechanism to prevent unauthorized access. Meeting IDs can be randomized and set to expire after a certain period.  

Audit logs

Maintain detailed logs of meeting access and activities to monitor and review any unauthorized access attempts or suspicious behavior.  

Self-hosting

Hosting the video conferencing solution on-premises or in a private cloud can ensure that the organization maintains full control over the video conferencing data. For extreme security environments, the video conferencing solution may be hosted in an air-gapped environment.  

Network and transport layer security

This is employed to encrypt data as it travels over the network, ensuring that the communication channel between participants and servers remains secure.  

Use case: Secure meetings in the defense industry

A national defense contractor needs to hold highly confidential video meetings with multiple stakeholders, including military officials and subcontractors.

 

Key challenges: 

  • Ensuring that only authorized personnel can join the video meetings
  • Protecting sensitive/confidential information from cyber threats 
  • Maintaining compliance with defense industry regulations 
Software-defined meeting security

How Pexip solves access control challenges for the defense industry

Implementing a multi-layered access control strategy for video meetings.

Full data control

To maintain full data control, the national defense contractor opts to host the video solution on-premises, within the organization’s zero-trust security architecture.  
Secure-video-meeting-flexible-deployment-self-hosted-private-cloud-dark-V1

Keep meetings private

The defense contractor utilizes single sign-on (SSO) and role-based access control (RBAC) to verify participants’ identities and assign appropriate permissions for their video meetings. 

Ensure security awareness

Given the varying grades of confidentiality in the defense contractor’s video meetings, they employ a dynamic on-screen warning – which can be adjusted to the level of confidentiality required. 
Self-hosted

Full data control

To maintain full data control, the national defense contractor opts to host the video solution on-premises, within the organization’s zero-trust security architecture.  
Secure-video-meeting-flexible-deployment-self-hosted-private-cloud-dark-V1
Authentication and authorization

Keep meetings private

The defense contractor utilizes single sign-on (SSO) and role-based access control (RBAC) to verify participants’ identities and assign appropriate permissions for their video meetings. 
In-meeting reminder

Ensure security awareness

Given the varying grades of confidentiality in the defense contractor’s video meetings, they employ a dynamic on-screen warning – which can be adjusted to the level of confidentiality required. 

Implementing access control

Download the full eBook and discover best practices for implementing access control in video conferencing:

  • Authentication and authorization 
  • Encryption 
  • Secure meeting management 
  • Monitoring and compliance 
  • Network security 
  • Secure deployment 
Fill in the form to download the eBook
Pexip logo
  • Products
    • Trust center
    • Professional services
    • Room management
    • Training
  • Partners
    • Become a partner
    • Partner portal
  • Company
    • About Pexip
    • Careers
    • Investors
    • Media kit
  • Try Pexip
    • Download apps
    • Download platform
  • Contact us
    • Get newsletter
    • Newsroom & press
    • Support
  • Legal
  • Terms of service
  • Privacy
  • Cookies
2024 Pexip® AS, All rights reserved
  • Facebook
  • Linkedin
  • Instagram
  • Youtube
  • logo-x