How to Secure Video Consultations and Protect Data Privacy

Cybercrime is big business, and it’s growing bigger every year.

Since the global COVID-19 pandemic began, phishing and unauthorized access attempts have surged by 600%. The average cost of a data breach is anywhere between $1.25 million and $8.19 million.

As a result, businesses across the world are taking steps to secure communications. They are using secure email services like ProtonMail, and protecting sensitive databases from unauthorized access.

But in many cases, their video content remains unsecured.

Sensitive customer records are being encrypted, but customer consultation recordings are open and available to all – including hackers.

For enterprises and digital service providers, this is a critical security problem. If anyone can access internal meetings and customer consultations, sensitive data is being exposed. Even a small data slip – like a single customer’s name and address – is enough to start a data security landslide.

Thanks to COVID-19, securing video communication is suddenly a much more pervasive problem.

security

The time to secure video communication is now

Most video hosting services do not offer comprehensive security features to users. The typical solution is to restrict access to everyone except those who have a link to video content.

Of course, the problem here is that anyone can send the link to anyone else. A user might save the link in an unsecured folder, where unauthorized users can access it with ease.

The world’s workforce is becoming more globalized and remote. The need to adequately protect internal communications is increasingly important. Similarly, the need to secure external communications with customers, vendors, and partners is growing.

As more jurisdictions enforce strict data privacy laws, the need to secure video communications grows. The rise of GDPR and GDPR-like regulations in many places means that keeping user data private is quickly becoming a strategic asset, rather than a cost.

You might be surprised what qualifies as sensitive data.

According to Europe’s GDPR rules, the following types of data are considered “sensitive” and must be processed securely:

  • Racial and ethnic origins, political opinions, religious or philosophical beliefs
  • Membership in a trade union
  • Genetic and biometric data used to identify and authenticate people
  • All healthcare and treatment-related data
  • Any information concerning a person’s sex life or orientation

If any of your public-facing video processes require these kinds of data, you need a fast, reliable way to secure video content against unauthorized access.

doctor covid mask

Who should use secure video communication?

Even before the pandemic, remote physician consultations were becoming popular.

Then COVID-19 happened.

Jameda, Germany’s largest doctor-patient portal (“jameda”) has had a colossal increase in demand for video consultations – increasing by more than 1,000% in March compared with February 2020. Similar patterns have been noticed across the rest of Europe.

High-value service industries like finance, law, and medicine all rely on secure communication. Physical brick-and-mortar offices used to be the norm for keeping sensitive information away from eavesdroppers and unauthorized people. Now teleconferences have taken over, and all of these sectors need help ensuring optimal, secure communication channels.

Let’s take a closer look at the medical clinic environment:

Doctors who communicate with patients through unsecured video may accidentally expose sensitive patient data to third parties. This is exactly what happened with Babylon Health, a UK-based telemedicine service and general practitioner platform.

Babylon Health wasn’t hacked. It accidentally presented patients with recordings of other patients’ consultations. This happened as a result of a software error, and only impacted a handful of users.

That might seem like a relief, but the regulatory consequences are the same. GDPR fines can run up to 4% of a company’s global annual turnover, and other jurisdictions have similar penalties.

General practitioners see a number of patients at their clinics every day. These doctors have to log each visit into a database that includes patient names, symptoms, and prescriptions – all of which count as sensitive data.

What doctors discuss with their patients is confidential. When clinical visits move online, it’s up to doctors to establish secure methods of communication with their patients. 

A telemedicine clinic will generate much more data. If doctor-patient consultations happen online, the video itself becomes sensitive data. Implementing a secure solution for telemedicine consultations requires using a secure, compliant video hosting platform.

passwords

What does securing video consultations actually mean?

Meeting organizers need to protect internal communications from unauthorized access. This doesn’t always mean stopping external hackers from viewing archived meetings. It can also mean keeping uninvited employees from attending, and preventing meeting invites from being stored in unsecured locations.

Your first move needs to be password protecting your video communications.

Password-protecting internal meetings is standard policy at most privacy-oriented organizations. But the process is long and time-consuming. If you don’t have a video meeting solution built into your enterprise resource management software, you have to create usernames and passwords for every single participant. When creating a new password, it is advisable to choose complex combinations and refrain from using any generic ones, such as “12345” and similar. Using a password generator can ensure that your password is not easily guessable and nearly impossible to crack.

Without an easy, secure way to bulk upload username/password combinations, securing a single internal meeting can end up taking hours.

Cincopa allows video administrations to upload a .CSV file with username and password combinations directly to its system. This file is secured and authenticated, preventing unauthorized users from accessing or changing user credentials once uploaded.

Once uploaded, only users with the appropriate credentials can enter the meeting or view the video content. This provides a powerful security tool for kick-off internal meetings for today’s scattered workforce.

cincopa password protection

How to use Cincopa for secure video consultations

Cincopa allows for password-protected video galleries and account-specific videos. It enables secure teleconferencing with two-way communication between users in a password-protected environment.

Let’s breakdown how you can leverage Cincopa to ensure optimal, secure video consultations.
We’ll review the variety of options and show you how to get started💪
:

  1. Setting up a password-protected Cincopa Gallery:

First, log into your Cincopa account. Select one of our responsive gallery skins and open the customization menu. Click on the Misc. tab and set a password.

Once you’ve saved the password, any user who tries to open the gallery will be prompted to enter it before viewing the content. You can see this in action here.

Password-protected galleries help content creators make sure sensitive information doesn’t end up in the wrong hands. This can be anything from personally identifiable customer data to your top-secret marketing strategy that you don’t want competitors to see.

Password protection is established on a per-gallery basis. This means you can set a different password for each gallery, and customize the text shown to gallery viewers.

Restricting gallery access with permissions:

You can also protect video media by creating an access restriction list. This makes it so that every user has to enter a password to view gallery content.

But instead of requiring you to set a password, the system is set to let certain Cincopa users view gallery content. This requires users to have their own Cincopa account and to be signed in. Once signed in, users can view all content they have been assigned permissions for.

  1. Manually managing media viewer lists:

Cincopa allows users to manually manage a list of media viewers. This can be done one at a time (by inputting username/password combinations directly to Cincopa) or by uploading a secured CSV file.

Uploading a secured .CSV file is the best way to set permissions for a large number of users automatically. Simply download our CSV template and populate the form with your audience’s credentials.

The manual bulk upload method allows content creators to quickly grant permissions to entire departments without requiring every single user to set up a Cincopa account. Simply copy and paste the audience’s credentials into the template and upload it – you’re done!

Be sure to securely delete your copy of the CSV file as soon as you upload it to Cincopa’s servers. You don’t want any usernames or passwords to stay put on an unsecured system.

You can also update any CSV file to add new users. All you have to do is download the original file, add new user/password combinations, and upload it again.

 

asian doctor

 

  1. Protect against downloads, screen captures, and unwanted traffic

Cincopa offers additional, advanced solutions for preventing unauthorized access to video galleries and live teleconferences:

  • Preventing downloads
  • Preventing screen capture
  • Blocking unwanted traffic
  • Restricting video embedding
  1. Preventing downloads

There are several ways to bypass security settings on browser-embedded videos. The simplest way is to right-click on the media itself and save the media file. This is also the easiest method to counter. Cincopa allows content creators to disable the right-click menu and prevent downloads.

There are other ways to capture sensitive data, though. Clever users can access a browser’s source code and copy the path to the video file itself. If the server hosting the file is not properly secured, it will allow any user who knows this path to access its contents.

 

Cincopa secures video files in a way that prevents unauthorized users from accessing video content by copying the path from a browser’s source code. Our secure video hosting platform hides source code from users so they cannot access the file path.

 

  1. Preventing screen capturing

Screen capturing remains a problematic issue. There is only so much you can do to prevent a user from recording content that appears on their computer screen.

However, Cincopa allows content creators to attach branding and watermarks to their content. This mitigates the risk of commercial competitors using your content against you.

  1. Blocking unwanted traffic

In all of these cases, blocking unwanted video traffic is the first step towards securing sensitive data. Limiting a video’s audience will prevent the vast majority of unauthorized users from easily accessing your content. Cincopa allows administrators to establish a whitelist of IP addresses and restrict video views to those specific devices.

This helps keep sensitive video content restricted to a particular region. If you know that nobody outside your city, state, or country has a reason to access your video content, you can prevent those users automatically based on their IP address.

  1. Restricting video embedding

The final security feature we will talk about is Cincopa’s Domain Lock. This restricts video content from being embedded on external websites. Enabling Domain Lock ensures your video and teleconferencing content is accessible only on the domains you enable.

You can use this security feature to make your videos exclusive to your domain. Our video hosting platform will reject requests for video content coming from any domain but yours.

You can also establish a whitelist of allowed domains. For instance, an educator may wish to allow an academic institution to publish their videos. If they apply for a position at a different institution, they might want to withdraw that right and grant it to their new employer. Cincopa’s Domain Lock makes it easy to grant video embed privileges to specific domains.

 

woman looks at computer

Invest in a secure video hosting and teleconferencing solution now

Data privacy and cybersecurity are becoming increasingly important factors for success in every industry. Anyone who publishes video content online needs to take measures to ensure they can meet stringent user privacy regulations and protect themselves against ruinous data breaches.

Cincopa offers a fully-featured secure video hosting platform for entrepreneurs and enterprises alike. Enable secure video consultation and password-protected content with best-in-class infrastructure with our help.

Originally published on January 7th, 2021, updated on February 27th, 2021
The Blog

How to Secure Video Consultations and Protect Data Privacy

by Austin Jesse Mitchell time to read: 8 min
0