Communicating within and outside the company has never been easier. However, the security of video conferencing software is still rarely taken into account and often exposes users’ personal data.
The urgency of data protection
The GDPR 2022 barometer of Data legal drive indicates that 74% of the data and privacy professionals surveyed believe that employees are more and more attentive to the protection of personal data by the company.
This is not surprising when you consider that in 2021, one out of two French companies was the victim of a cyber attack (CESIN study). Computer attacks generally lead to data theft, which exposes employees and undermines the financial stability of organisations.
In companies, videoconferencing tools process and transmit a multitude of sensitive and confidential data and become prime targets for hackers.
First and foremost, video conferencing software must be sovereign and compliant with the GDPR.
Within the European Union, the GDPR firmly regulates the protection of personal data, requiring software publishers to be transparent about their processing. It also excludes any possibility of transferring data to a third country, without a contractual agreement in advance.
The absence of a backdoor in the software
Some major video conferencing software, located outside the European Union, comply with foreign legislation. These authorise the listening of communications. This is the case of the Cloud Act, a series of extraterritorial American laws which allow the authorities to force publishers located on American territory to provide data relating to electronic communications. This data can be stored on American or foreign servers.
Tixeo is committed to data protection
As a European and secure solution, Tixeo is 100% compliant with the GDPR and puts personal data protection at the heart of its commitments. Indeed, its customers, evolving in sensitive sectors (defense, health, industry…) require a reliable video conferencing tool with a maximum security level and with all the guarantees to respect the integrity of their employees’ personal data.
In the Tixeo GDPR guide, select your user profile to find all the essential information you need to know about
- the processing
- the protection
of your personal data.
Download the GDPR guide now
Features of a secure video conference
A secure video conferencing software offers additional guarantees for personal data protection. This is the case of Tixeo.
Secure by Design: an architecture designed for data security
To be secure, a secure video conferencing software must be Secure by Design. In other words, it must take security into account from the very first steps of its design to its deployment. This process makes it possible to determine potential points of failure in the software at an early stage and to work out solutions to correct them during its development.
As a result, Secure by Design video conferencing software will be much more robust than traditional video conferencing software.
Deployment that minimises security impacts
Deploying a video conferencing tool must not disturb the security of the company’s internal network. With Tixeo, Secure by design video conferencing software, there is only one port to open to deploy the solution. Thus, the security policy of the company network is preserved. This saves time and security!
It is no longer a secret that communications in an unsecured video conference can be listened in on. Only end-to-end encryption avoids the risk of eavesdropping.
This technology enables all audio, video and data streams to be encrypted, regardless of the number of participants in the online meeting. It thus guarantees total confidentiality of exchanges.
Tixeo’s secure video conferencing includes end-to-end encryption through a server (AES 256 encryption), while easily adapting to network variations.
Taking into account the location of the publisher
It should be noted that the location of the video conferencing editor is an important criterion to take into account, if the software claims end-to-end encryption. Indeed, in some countries, it is sometimes impossible to fully encrypt communications.
For example, since 2001 in the United States, the Patriot Act requires software publishers to add backdoors to their systems. This back door is a secret entrance that allows the authorities to access the software’s data. If a malicious entity discovers it, personal data can be compromised.