Collaborate with security you can trust

We’ve built TrueConf to protect your privacy and give you full control over your information. When you choose TrueConf, you’re getting the most secure platform for all your communications and video meetings.

Collaborate with security you can trust

Types of Video Conferencing Encryption

There are a few different ways to encrypt your video conferencing traffic. The most popular options are TLS and SRTP.

TLS (transport layer security)

TLS (transport layer security) is a cryptographic protocol that provides communication security and privacy over the Internet. It is used in applications such as web browsing, email, instant messaging, and voice over IP (VoIP). TLS is widely used to protect online transactions such as credit card purchases and bank transfers.

SRTP (Secure Real-time Transport Protocol)

Secure Real-time Transport Protocol (SRTP) is a key component of secure voice and video communication, providing end-to-end security between two parties. SRTP is used to protect the confidentiality and integrity of voice and video data as it is transmitted over a network.

E2EE (end-to-end encryption)

E2EE (end-to-end encryption)

The term is used to describe a security system in which all data is encrypted at all times, from the moment it is created to the moment it is destroyed. This means that even if someone intercepts the data while it is in transit, they will not be able to read it without the proper encryption key.

This level of security is essential for any business or organization that wants to keep their data private. This is especially important for videoconferencing, which may involve the exchange of sensitive information.

When looking for a video conferencing solution, be sure to ask if it offers end-to-end encryption. If so, it means that your data will be safe every time you use it.

You are in control.

You are in control.

Imagine being able to control all your corporate communications and store them on your own servers. With TrueConf, you don’t have to share your corporate data with cloud services or anyone else. Run the entire meeting platform on-premises and inside your network.

TrueConf

Video conferencing security is not only recommended for business communications, it is the law. Recent government regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) or the GDPR, require that medical service providers, financial institutions and other companies protect all electronic data related to their clients and patients. That includes all electronic transmissions of customer personal data, including video conferences.

GDPR Compliant

HIPAA Ready

ISO 27001 Certified

Check the benefits of on-premises deployment with TrueConf:

On-premises

All communications are hosted on customer’s premises with no third-party access.
TrueConf administrators, employees or representatives do not have any access to customer’s meetings or communications.
Each TrueConf Server instance serves only one company or organization and therefore is hardly likely to be a subject of hacker attacks.
It is impossible to get access to your private communications by security or law enforcement agencies by sending a corresponding request to TrueConf.

Cloud-based

Information is stored on cloud servers, which may put at risk your corporate sensitive information.
During meetings, video and audio data are processed unencrypted on the servers of cloud providers and can be accessed by service employees.
Personal data can be leaked due to cloud service vulnerabilities. Cloud service employees can also have access to the databases.
Recordings of your conversations can be available to any hacker in the Internet who has intercepted username and password from your account.

Privacy is built in

TrueConf respects your data privacy, gives you transparency and control over your communications with your team.

Mandatory authorization

PINs for every meeting

Lock your meeting from uninvited participants

Provide unauthorized users with limited guest access

Industry’s best protection

All signaling data and client-server connections secured with the latest version of TLS 1.3

A single 4307 TCP port used for transmitting media and signal data between TrueConf Server and client apps, making it extremely easy for network admins to control and secure traffic

Additional on-demand end-to-end encryption using VPN gateways

Media data encryption with AES-256, SRTP or H.235 depending on the network protocol

Efficient and customized version of VP8 video codec with additional SVC support used for communication between client apps

Permission policies

Permission policies

  • Limited access with IP address range or separate admin accounts
  • Provide access to the control panel only to the computers within your corporate LAN
  • Different user roles for managing meetings
  • TrueConf Security Admin role for viewing logs and reports

Single sign on

Integrate TrueConf Server with Active Directory to centralize user account management and restrict access rights to your corporate information.

Single sign on
OAuth 2.0 secure authorization

OAuth 2.0 secure authorization

TrueConf Server APIs use the OAuth 2.0 protocol for authentication and authorization. OAuth 2.0 provides a number of advantages:

  • Working over the secure HTTPS Protocol
  • Delimiting application access to the API according to the role and configured permissions
  • Authorization using a complex short-lived access token without the need to visibly enter a username and password

5 more things to help with security for videoconfernce

Use a strong password and change it regularly

Use a strong password and change it regularly

Your password should be a minimum of 8 characters and include a mix of upper and lowercase letters, numbers and symbols. You should also change it regularly – at least every 3 months.

Install software from a reputable source and update it regularly

Install software from a reputable source and update it regularly

This means that you should only install software from developers or distributors that you know and trust. This will help protect your computer from new viruses and malware, and keep your system running smoothly.

Use a Virtual Private Network (VPN)

Use a Virtual Private Network (VPN)

A VPN is a great way to keep your internet traffic private and secure. When you connect to a VPN, all of your traffic is routed through an encrypted tunnel and passes through a secure server before it reaches the internet. This means that your ISP and other third-party observers can’t see your traffic or track your online activity.

Install a firewall and anti-virus software

Install a firewall and anti-virus software

It is important to install a firewall and anti-virus software on your computer to protect it from potential attacks. A firewall helps to protect your computer from unauthorized access, while anti-virus software helps to protect your computer from viruses and other malware.

An overview of video conferencing and collaborative tools

Video conferencing is a powerful tool that enables real-time, face-to-face communication between colleagues around the world. With the help of video conferencing, a business manager from Argentina can hold a virtual meeting with the managers of his factory in China, a sales director can demonstrate a new product to sales representatives across the country. Or military high officials at the Pentagon can send new orders to soldiers in the field.

Video conferencing is a powerful tool that enables real-time, face-to-face communication between colleagues around the world. With the help of video conferencing, a business manager from Argentina can hold a virtual meeting with the managers of his factory in China, a sales director can demonstrate a new product to sales representatives across the country. Or military high officials at the Pentagon can send new orders to soldiers in the field.

Google Meet

Compare

Slack

Skype

Compare

WebEx

Compare

Whatsapp

Zoom

Compare

Maximum number of participants 1 000 250 15 (with paid subscriptions) 1 000 1 000 32 1 000
Free version 12 100 participants up to 60 minutes 2 100 participants up to 4 hours 100 participants up to 40 minutes 32 100
Security measures 256-bit TLS, AES, local deployment, and offline operation TLS, SSL, and two-factor authentication TLS 1.2, AES-256 and SHA2 AES-256, 1536 or 2048-bit RSA E2EE E2EE, 2-step verification AES-256, E2EE
Self-hosted deployment

Google Meet

Google Meet (Hangouts)

Google Meet is a secure cloud solution that enables you to organize both individual and group video conferences. The platform offers many opportunities for collaboration, such as the well-known Jumpboard. As for the participants, Google Meet allows even unregistered guests to join the conference using the meeting code.

Security

The solution was initially created as a business tool in the Google Workspace suite, but eventually became available for non-commercial use. To protect personal data, the online meeting platform adheres to TLS and SSL standards for encryption at the transit level. Registered Google users also have the option to enable two-factor authentication using FIDO-compatible text messages, authentication apps, or security keys.

Vulnerabilities

Google Meet does not support end-to-end encryption: instead, it uses DTLS-SRTP to protect connections. However, it may be an unpleasant discovery for some that the vendor of the solution stores data on delays and performance. Such “collectible” information includes the data transfer rate, estimated bandwidth, names of conference organizers, IDs of participants, IP addresses, as well as the date and calendar ID of the meeting.

Security researchers recently highlighted a vulnerability in Google Meet’s URL redirection feature, which could lead users to counterfeit domains and make them victims of cybercriminals. Furthermore, if you join a meeting from a smartphone, the audio is transmitted over the telephone network and may not be encrypted.

Slack

Slack

Slack is a corporate messenger that can support video chats for up to 15 users. As with other vendor services, this solution requires mandatory login to your account and uses a secure system to protect confidential data. This is explained by the fact that Slack supports integration with almost 100 third-party services, such as Dropbox, Google Drive, and even Twitter.

Security

Data transfer between the messenger and the Black service is carried out using reliable encryption protocols and signatures, such as TLS 1.2, AES-256 and SHA2. It is noteworthy that such a protection system only works with the consent of the user, who must approve the processing of his or her personal information. Confidential data at rest in the Slack production network is encrypted in accordance with FIPS 140-2 standards, including relational databases and file storage. At the same time, all encryption keys are stored on a secure server with restricted access.

Vulnerabilities

If you are going to use Slack for business purposes, you need to be aware of the associated risks.

In 2015, Slack was hacked, revealing flaws in the messenger’s security system. The company announced that its system had been hacked, and the attackers had access to the database for four days, jeopardizing the privacy of its users. After the cyberattack, Slack experts also discovered suspicious activity from some accounts that had been clearly compromised by criminals.

In 2019, Tenable specialists also discovered a vulnerability in the Windows version of Slack. The client application provided an opportunity to change the download destination and steal, modify, or add malware to files. The critical vulnerability also allowed for remote code execution (RCE). Hackers could gain full remote control over the Slack desktop application with a successful exploit, thereby gaining access to private channels, conversations, passwords, tokens, and keys.

Skype

Skype

Skype, created by Microsoft, is a free software for making video calls. The “Meet Now” option allows presenters to invite both registered participants and anyone else in general to a virtual meeting, without needing an account. As for commercial purposes, it is worth noting that Skype for Business will cease to exist on July 31, 2021.

Security

Skype uses AES, also known as Rijndael, which is employed by the US government to safeguard confidential information. At the same time, the encryption itself is 256-bit and has proven to be reliable. The Skype server uses 1536 or 2048-bit RSA certificates to certify users’ public keys.

Vulnerabilities

By default, Skype does not use end-to-end encryption, meaning that Microsoft can view all messages, calls, and files. In addition, the vendor records people’s interactions on their platform, including but not limited to:

  • Chat history
  • Activity status
  • Telephone numbers
  • Files sent and received
  • Time and duration of calls

Microsoft claims that it also collects user data from third parties, even brokers. Additionally, the corporation utilizes personal information for targeted advertising, personalization, research and development, and to improve its products. Personal data is also shared with Microsoft affiliates, subsidiaries, and suppliers.

Cisco Webex

Cisco Webex

The WebEx video conferencing platform has existed since 1995 and is widely used by privacy-conscious companies in the healthcare, information technology, and financial services industries. This is partly because all three sectors had resorted to virtual meetings long before the COVID-19 pandemic, but mostly due to the solution’s reputation for maintaining strong cybersecurity. WebEx’s parent company, Cisco, has long established itself as a reliable and secure vendor for corporate interactions.

Security

By default, WebEx makes user data readable by the server, but it also offers additional end-to-end encryption for up to 200 users, which is more than many of its competitors. Holders of free accounts can contact customer support to further protect themselves. Despite considering the possibility of hosting an on-premises solution, the vendor offers a Cisco Meeting Server for these purposes.

Vulnerabilities

In 2020, Cisco engineers prepared fixes for three vulnerabilities that hackers could exploit during WebEx conferences. IBM discovered security breaches that allowed an attacker to join an online meeting as a ghost user and gain access to personal data. Therefore, a cybercriminal could discover the full names, email, and IP addresses of conference participants.

WhatsApp

WhatsApp

It is highly likely that you have friends or relatives on WhatsApp, as this messenger already has over two billion users. The solution was created in 2009, but it reached its peak popularity in 2015 and even became the main means of communication in several countries, including Latin America. WhatsApp enables users to organize personal and group chats, make audio and video calls, share files, locations, and even create polls.

Security

To ensure privacy, the solution supports end-to-end encryption, which prevents even company employees from viewing your messages or listening to conversations. WhatsApp also allows users to enable two-step verification to further protect their personal data and send disappearing messages.

Vulnerabilities

In January 2021, Meta announced an update to its privacy policy, stating that WhatsApp would store personal metadata and share it with Facebook and its “family of companies” (e.g., Facebook Messenger, Instagram) starting in February of that year. Previously, users could refuse to transfer information in the settings, but now this feature is not possible. So cyber awareness is something you need to keep in mind at all times using WhatsApp.

In 2022, as a result of the leak, nearly 500 million users’ personal data was released into the network. As it turned out, Meta had been storing users’ confidential information in an almost unencrypted form for many years, resulting in hackers being able to easily bypass the security system and gain access to it. In the following years, residents of 84 countries, including the United States, Italy, and France, suffered from the actions of fraudsters and criminals.

Zoom

Zoom

Zoom is a video communication platform that offers a wide range of collaborative tools. The solution gained the most popularity in 2020 during the pandemic, as many companies and organizations started using it for remote work. It is noteworthy that many enterprises continued to use Zoom even after the lockdown was lifted, demonstrating its continued great demand.

Security

When using a Zoom client, video, audio, and screen sharing are protected in transit with AES-256 and a one-time key for that specific session. To further protect your privacy, the solution allows you to enable additional end-to-end encryption.

Vulnerabilities

“Zoombombing” is still a huge stain on the company’s reputation in terms of security. The precedent of intruders appearing in conferences and subsequently demonstrating profanity has become one of the largest hacker attacks in the history of video communication. Attackers could also send, edit, and remove chat messages, as well as remove other participants from online meetings.

Ready for secure video meetings?

Security is an important issue to consider when organizing virtual meetings. Our recommendation is to make sure your video calls and recordings are safe by hosting your video communications platform on your own premises.

Whether you are researching video conferencing for the first time or re-evaluating vendors for the next phase of your conferencing and collaboration solution, security should always be your highest priority. With the industry’s best security practices, TrueConf video collaboration platform is the most suitable choice for security-conscious companies.

Empower your video conferencing experience with TrueConf!

Download free version

version 5.3.4.10059 (478.66 MB)

Proven solution for security-conscious organizations

TrueConf is trusted by hundreds of thousands of companies around the world. We’re proud to streamline business processes for the organizations where complete privacy is mission-critical.