by Patrick Moorhead

Think security first before going BYOD for business videoconferencing

Jun 10, 2015
CareersCloud SecurityCollaboration Software

With the rapid adoption of enterprise video communication, BYOD and the increased usage of cloud-based SaaS (software as a service) applications, privacy and security should be a first order of business.

At my analyst firm, our vision of tomorrow’s office has more people working remotely, globally and essentially as hired guns. “Work” isn’t a place: it’s what one does in a cab, in a coffee shop, at home, and, oh, in an office. A temporary one.

While invented back in the mid-1960s by AT&T, when it comes to technology that supports that vision of work, video communications is a critical tool. While face-to-face communication has been proven to lead to greater productivity, more meetings today are taking place over video. However, while video communication adoption is soaring, with it comes the real risk of potential privacy and security problems.

The growth of “Shadow IT”

Shadow IT is a catch-all phrase that describes solutions and SaaS deployed by departments other than an organization’s own IT department. The rise of videoconferencing using free cloud-based apps like Skype, Google Hangout and, with the launch of its updated messenger app, Facebook, seems to be all the rage these days. With more and more companies adopting BYOD policies, employees — even at a very high level — are apt to log onto calls or videoconferences on the run via their smartphones.

Contrary to how nefarious the term Shadow IT “feels,” it appears most employees who use unapproved apps at work are simply trying to get their jobs done. They cite ease of access to the right tools, an already-acquired comfort level with certain apps and platforms and, perhaps most importantly, the desire to avoid a steep learning curve and the waste of time conquering such a learning curve entails, when forced to adopt something new.

There are also enticing benefits to businesses who are considering adopting cloud-based video communication apps: no money paid out in development costs, maintenance, testing, upgrades capacity planning or performance management. Plus, backup and recovery of data and infrastructure is generally also the responsibility of the platform’s vendor.

The need for increased security

So, while free (or relatively inexpensive) video communication applications are out there, and while businesses might see some initial cost savings when adopting their usage, what they aren’t seeing on of the bigger picture elements. Security.

Businesses that deal in sensitive information or legal precedent must place security as their top priority. With the large volumes of mission-critical information and customer data handled by public sector entities and corporate agencies, the implications of data loss become dire. If a company’s sensitive data is compromised via unsecured video communications it could result in anything from business disruptions to financial scams to loss of reputation.

Who is making sure data is private and users are secure? And what would the ramifications be if proprietary corporate or customer information was leaked to a competitor? The banking and healthcare fields alone should be quaking in their boots at the thought of a data breach. There is frankly too much at stake for businesses in any industry to take these questions lightly given the consequences. Look at Target and Sony.

Even paid cloud-based videoconferencing options have drawbacks. The main problem with SaaS video solutions is that it could have a hard time protecting against virtual rootkits — hidden, malicious software that allows back-end access in virtual machine environments. Hardware, however, adds a protective layer against hackers.

Security and high-quality video: the best of both worlds

One of the biggest reasons businesses aren’t implementing secure video is what they consider as a “cost problem.” Many high-quality, secure, enterprise-level teleconferencing systems are pricey, especially for SMBs. While desktop videoconferencing is generally lower quality when it comes to audio and video output and is not secure, it is certainly appealing from a price-point perspective. This creates a huge gap in the marketplace and many corporations are left vulnerable to privacy and security issues. Three video collaboration solutions companies are attempting to bridge that gap without breaking the bank.

I’ve written about Vidyo’s success equipping the Department of Defense with its video conferencing systems, and I have long admired Vidyo’s efforts in bringing quality, scalable video solutions to the table. For its price point, Vidyo offers video, voice and web conferencing for the cost of most audio conferencing, and the quality is excellent.

StarLeaf is another videoconferencing service that takes security seriously. Its video services are designed to work from within the end user’s private network, behind their local firewall — through a firewall traversal system — which blocks hackers and spammers. They also offer strong authentication and encryption, along with many other security features.

Vidyo and StarLeaf take care of two of the biggest business concerns with video communication adoption — price and security. CIOs and CMOs have a responsibility to outfit their companies with video solutions that will bring the right level of security and service, while staying within budget.

While it is of course important to implement new technologies to stay relevant, security and privacy should always be your first order of business. Think twice before doing BYOD for your enterprise.