By Amit Walia, EVP Managing Partner at Compodium
In 2016, a seemingly innocuous photograph of Facebook founder, Mark Zuckerberg, sat beside his desk at Facebook HQ, was posted to his Facebook profile. Ostensibly, the post was celebrating the growth of Instagram, which Facebook had purchased several years earlier. However, eagle-eyed followers soon identified what appeared to be tape covering both the camera and the microphone on Zuckerberg’s laptop. Widespread debate ensued around the efficacy of covering webcams in this way. However, given the individual in question is the CEO of one of the most valuable and influential companies in the world – and indeed one of the very few people to reach the status of Centi-billionaire – the overarching consensus from the security community was that “Zuckerberg is sensible to take these precautions.”
Mark Zuckerberg is undoubtedly a high-value target. But in the modern, digital and data-driven world, a strong cybersecurity posture is vital for every type of organisation – large and small. In high-value and heavily regulated industries like banking and financial services, the threat is even greater – covering both traditional cyber-attacks and corporate espionage.
Making video security a priority
The fervour around Mark Zuckerberg’s photo highlighted an interesting point – many of the comments were from people who had not considered video as a valuable target for an attacker. In 2020, the issue of video security is more important than ever. Video conferencing platforms are now in high demand, with COVID-19 forcing organisations to quickly adapt to a new way of working. One application reported a 30-fold surge in users, whilst another clocked up more than 4.1bn meeting minutes in just one day in April, up from a daily average of 900m in early March.
As we move beyond the more restrictive social lockdowns, financial services organisations need to prepare for a new normal – one that caters for remote business opportunities just as effectively as those taking place face-to-face. Employees across all industries are now used to working at home and while some organisations, such as Barclays, are looking to re-establish on-site operations as quickly as possible, others will remain – at least in some large part – remote.
There can be no doubt that video is now solidified as the primary method of remote communication. Whether it’s a family catch up or a blue chip board meeting, wherever a physical meeting is not possible, or practical, video conferencing is now a comfortable alterative for most people. But with more people on video than ever before, the usage surge has also brought increased security concerns. For example, incidents of Zoom-bombing – when strangers intrude on others’ Zoom meetings – have been widely reported. In these cases, intruders have been able to eavesdrop undetected, or completely disrupt meetings, often in ways that threaten the integrity and security of confidential business information.
A renewed focus on video security
As the conversation around the wider security of video meetings has grown louder, Zoom has announced it will backtrack on previous refusals to provide end-to-end encryption to free users of the service. It’s is a major victory for the activists and civil liberties organisations campaigning for privacy and digital protection. Data transmission is one of the most vulnerable areas of video communication and ensuring a comprehensive level of security is paramount for those taking part in digital conversations – whether that’s a personal conversation, or in a commercial environment. During a video conversation, data travels over multiple networks – both public and private – and end-to-end encryption is the foundation of protecting this data in transit.
The recent campaign for access to encryption has placed a renewed focus on how vital security is to video communications – but this is something heavily regulated industries like banking and financial services have known for a long time. But the COVID-19 pandemic forced many organisations to navigate a familiar landscape of uncertainty and regulatory pressure in an unfamiliar remote operational environment. Finance is a high-risk, high-reward industry that requires rapid decision making and constant information exchange – all while building and maintaining crucial client relationships. Video conferencing technology has offered a lifeline for many finance organisations around the world, however the rapid shift to remote operations has been drastic and unprecedented. Maintaining productivity in the face of significant business disruption has been the key priority; security and compliance considerations have all too often been an afterthought.
In finance, end-to-end encryption is not enough – in fact, it’s expected. Video conversations contain highly sensitive and confidential information – they must meet the same levels of security, privacy and confidentiality as in-person conversations. In these environments, security breaches and financial fraud can lead to significant regulatory, financial and reputational damage.
End-to-end encryption is just the beginning
Financial services organisations are the backbone of the global economy and during the COVID-19 pandemic, they have the challenge of quickly delivering seamless virtual connectivity. Under unprecedented pressure to roll out new technology, it can be easy to overlook the more fundamental requirements, in favour of rolling out new services and capabilities at speed. New technology should not come at the cost of privacy and security.
End-to-end encryption – which is vital for privacy and security and will now soon be available via even the most basic video conferencing solutions – is not enough to meet the high standards required in financial services. Instead, authentication is the key to ensuring the growing adoption of video conferencing in this industry meets the same high standards delivered to clients in-person.
Authentication provides a double layer of trust, ensuring both advisors and clients can be confident that they are speaking to the right person within an entirely confidential virtual space. Only by ensuring video conversations are both end-to-end encrypted and authenticated can finance professionals provide the same level of privacy and security afforded to clients during a face-to-face consultation. This ensures the identity of every conference participant is fully authenticated before the conference is initiated.
The digital future
The video conferencing authentication process is simple, but hugely effective. It represents the first step in a more digital, video-driven future for financial services – providing all the necessary foundations for client security and privacy. In the future, 2020 will undoubtedly be looked at as a year that changed financial services forever – globally. The world has been at war with a novel virus and the effects have been profound. But as the great military, Sun Tzu, said, “In the midst of chaos, there is also opportunity.” Social distancing, lockdown and travel restrictions have forced us to rethink how we deliver client services and given us the opportunity to roll out cutting edge technology. But while the results are already hugely positive, we need to ensure we are laying the right foundations for new innovation – making privacy and video security a priority in financial services now – not later.