Of all the places that corporate spies would love to gain access to, your company’s meeting room would have to rank pretty high on the list. By eavesdropping for just 10 minutes, a hacker could potentially learn more about your company than most mid-level employees. This is why, if your company is going to bother taking security precautions at all, the meeting room is the place to start.
But in today’s BYOD environment, controlling what goes in and out of the meeting room can be easier said than done. With just one slip up, your meeting room can instantly transform from an impenetrable Area 51-like fortress to the set of a television show that only your rivals watch. Here are some tips to make sure that doesn’t happen.
1. Assess the space
During a City Council meeting in Charlotte, North Carolina last year, several council members noticed a piece of audio equipment in the room that had a blinking light on it. Rather than investigate, the Council members continued on with their meeting. The next day, they woke up to discover that all of the sensitive information they had discussed was printed in the local paper.
One of the best ways to ensure that something like this doesn’t happen is to assess the room beforehand. Unfamiliar electronic device should be treated with a high degree of suspicion. If the meeting room in question is located in an area outside of your control (like at the office of a company that you’re partnering with), try to schedule a security walkthrough before the event.
2. Control preparation materials
Try to limit physical data as much as possible. Now that everyone knows how to open a PDF, there is no need to head down to Kinko’s and put valuable company secrets in the hands of a stranger. If someone at the meeting insists on distributing paper handouts, make sure the room has a shredder on standby.
If you are using collaboration tools or software to put together figures, graphics, and presentations, make sure that it is with a secure provider and that only select individuals have access to it. If it’s online, never use an insecure network or public Wi-FI. Working remotely from a coffee shop is fun and trendy, but if you use the public Wi-Fi, that latte could end up costing $4 million (the price tag associated with the average security breach).
3. Use wireless presentation software
Controlling your own meeting room can be hard enough; controlling someone else’s is just about impossible. For people who present off-site, this poses something of a dilemma. Most off-site presenters resolve the issue by blindly putting their faith in the capability of the site’s IT department. But this needn’t be the case. The risk associated with presenting off-site can be mitigated somewhat by using wireless presentation software that will allow you to upload data straight from your laptop or tablet. This limits the access points and narrows the chance of a breach.
4. Verify attendees
Like weddings, attendance at large meeting can be difficult to keep track of. In order to prevent uninvited people from showing up, it’s always a good idea to have a list of approved participants, and if feasible, issue ID badges. This way, even if there is a leak, you’ll be in a much better position to find its source.
5. Brief participants
If a meeting contains restricted information, it’s important that everyone at the meeting knows that the information is restricted. Urge the participants to avoid discussing it at the water cooler, give them a tip sheet on how to protect data after the meeting ends, and/or have them sign a short, to-the-point contract regarding the release of information and responsibilities.
6. Restrict the devices used
According to a Ponemon Institute study, leakage of information is the top risk of insecure mobile devices. In 2016, restricting smartphones at a large event is an exercise in futility. You can, however, still ask participants to refrain from using these devices during all or some restricted parts of the meeting. You may be surprised to see how many are willing to oblige. To deal with the hold-outs who are incapable of not looking at their smartphones, you can instruct personnel to help monitor the room and enforce the rule when the meeting is in session.