Posts Tagged ‘security’

Making Your Data More Secure With a RHUB Web Conferencing Server

April 14th, 2014

Web conferences save businesses millions of dollars per year, but a web conference doesn’t represent such an attractive savings if your confidential company information is stolen. It’s important to ensure that your web conferencing solution is going to provide enough protection to keep your data safe at all times.

An RHUB server represents an excellent security solution. Every RHUB server comes with a default 2048-bit SSL certificate preinstalled. Passwords and meeting IDs are transmitted via SSL. The screen image is protected by RHUB’s proprietary encryption by default, but the server can be reconfigured so that everything is SSL protected.

For even more protection, RHUB servers have a built-in firewall, though we recommend your RHUB server be used in conjunction with your company firewall. Because of its history of security issues, Java has been completely removed.

For transmission security, RHUB uses both SSL and proprietary encryption. Meeting IDs and passwords are SSL encrypted when transmitted over the Internet. Unlike conventional web conferencing, the RHUB server can be set up behind your company firewall, making it much more secure than a hosted service. Internal meetings within the firewall are simplicity itself to set up and totally secure.

DMZ deployment works well for meetings with external users. The RHUB server is set up at the firewall and your client is also behind a firewall. DMZ is available for almost every router, even home routers. A DMZ setup permits both attendees who are behind a firewall and attendees who aren’t to attend a meeting. If you wish, you can easily restrict the meeting to attendees within your network only.

A deployment outside the firewall is also a possibility. In this scenario, the RHUB server is configured between your firewall and the client firewall. This deployment is equivalent in security to hosted services.

The safety of RHUB servers has been tested intensively by banks, government agencies, and defense companies. You can’t find a webinar solution more capable of providing you with security when you really need it. To discuss how our robust protection can benefit you, give us a call at 408-899-2831.

  • Share/Save/Bookmark

Is Video Conferencing Putting Your Business at Risk?

January 9th, 2014

Videoconferencing is new on the scene. It used to be something you only saw in science fiction. Remember the earth-to-space video communications in 2001? It wasn’t until the 1980s that anything similar became practical outside of the movies. The first videoconference between Africa and North America took place fairly recently: June of 1995. Like the Internet itself, once it got going videoconferencing evolved at lightning speed.

Now it’s everywhere, and the quality is something not even the characters in 2001 could have imagined. But there’s a dark side: videoconferencing set up outside a firewall can introduce vulnerabilities that it doesn’t take a HAL to figure out how to breach.

Rapid 7 is a company that specializes in finding security gaps in computer systems, and an investigation it conducted in 2012 exposed some glaring oversights in carelessly configured videoconferencing.

http://www.nytimes.com/2012/01/23/technology/flaws-in-videoconferencing-systems-put-boardrooms-at-risk.html?pagewanted=1&_r=1

HD Moore of Rapid 7 found it easy to look around the boardrooms of top law firms, oil companies, and venture capital firms through their videoconference setups. Many systems are on the Internet with few safeguards, and Moore could have easily eavesdropped on attorney-client conversations or made himself privy to a board meeting.

Some videoconference systems can be set up to automatically accept inbound calls, and this makes it possible for anyone to dial in and make themselves right at home. Mr. Moore scanned the Internet for companies that had their videoconferencing configured outside a firewall while their systems were set up to automatically accept inbound calls.

After scanning only three percent of the Internet, Moore found 5,000 vulnerable systems, including a venture capital firm that was hosting a conference with company financials being projected on the screen while Moore was hacked into the system. One of the largest videoconferencing equipment vendors even sells its equipment with auto-answer enabled by default.

As if this didn’t represent enough potential for skullduggery, this summer the German magazine Der Spiegel accused N.S.A. of hacking into the United Nations’ videoconferencing system. According to its report, N.S.A. cracked the U.N. encryption code and spied on E.U. plans.

In light of all this, should we conclude that videoconferencing is inherently risky?

No, videoconferencing doesn’t need to be insecure at all. The RHUB appliance can be set up inside a firewall or in the DMZ. Deploying an RHUB appliance behind the firewall or in the DMZ allows both company employees and external attendees access to video conference. It’s easy to exclude external attendees altogether by just clicking an option on the setup screen, though exceptions can be created for specific external attendees.

We maintain transmission security of passwords and meetings with strong SSL security. SSL security or our proprietary encryption can be used for all other data transmitted in the meeting.

With video conferencing becoming a critical asset for most businesses, it’s important not to introduce security holes that put other business assets at risk. We can help you with a videoconferencing solution that provides security you can depend on. Give us a call at 866-758-0984 or email us at sales@rhubcom.com and let us tell you why the RHUB appliance is one of the most secure devices on the market. We give you space-age quality with down-to-earth protection for all your sensitive company information.

  • Share/Save/Bookmark

Hemorrhaging Data with Your Web Conferencing Solution?

September 17th, 2009

Everyone is familiar with the story of the Dutch boy who saved his country from flooding by plugging a hole in the dike with his finger. (If not I inserted the hyperlink just for you.) Modern day data leaks may not have any of the inspirational undertones, but the allegory is a good reminder that leaks of any kind must be plugged somehow.

Data leaks can cost money, and in the context of the current economic climate the consequences can be damaging for any company. Industrial espionage may not be talked about as much as it used to be, but there are still other ways to lose data. Environments such as open meetings and webinars can present an open invitation to hackers.

Web conferencing, like so many computer related technologies allow companies a greater level of freedom. This comes in the form of accessibility and the ability to move information and generate feedback at a rapid pace. Think of it as a highway, which allows for rapid transit, but which at certain points can be blocked off to prevent unauthorized access.

A Breakdown in Security

The two main areas of concern with web conferencing security are transmission security and access security. With transmission security, the aim is to protect the information while it is the process of being moved from one point to another. The latter is related to preventing unintended parties from being to gain access to a meeting or webinar.

Generally, passwords are issued to those invited to take part in a web conference or remote support session. The obvious danger is that passwords or IDs can be cracked, leaving the appliance vulnerable to attack. Some services offer a secondary password which only enforces the idea that using passwords is not a reliable form of security. If the hacker cracks the first password, why wouldn’t he be able to crack the second? It is always best to generate irreversibly encrypted passwords and to integrate it with the use of your own firewall.

Web conferencing data that is being transmitted is stored temporarily on a server. While this also presents an opportunity for hackers, security protocols such as Secure Socket Layer (SSL) encryption usually prevent stolen information from being read.

How Your Appliance Can Protect You

To prevent data theft, choose a web conferencing option that utilizes the first line of defense against attacks, namely your own firewall. Internal meetings can be held behind the firewall thus preventing outside access. DMZ deployment is also another effective security feature of web conferencing. With this option you can control access by determining whether internal or external parties will be involved in the meeting. In this way anyone who tries to gain access from outside the firewall will be rejected.

If you have concerns about the possibility of data loss during web meetings examine the security features of your conferencing solution. Even if the information is not of a highly sensitive nature you still have the right to be protected. If you have already fallen victim to data loss it may be time for you to consider other options.

  • Share/Save/Bookmark