Best Practices for Secure Webex Meetings
Webex is an important tool that allows the Rutgers community to meet and collaborate in real-time. While Webex provides a secure environment, it is also an open place to share information. This makes it extremely important to know the best practices of Webex security. Below are a few general rules to follow, as well as six useful tips.
- Do not share your Audio PIN or Host key with anyone.
- Provide meeting passwords only to users who need them.
- Never share sensitive information in your meeting until you are certain who is in attendance.
1. Use scheduled meetings instead of your personal room.
Webex has two different modes – scheduled meetings and personal rooms. Scheduled meetings are designed to be higher security, while personal rooms are aimed at ease of use. A scheduled meeting is like booking a conference room with a keycard entry for all attendees; whereas, a personal room is leaving your office open all the time waiting for someone to show up to start the meeting. For class meetings and other large gatherings, you should only use scheduled meetings. You should NOT use your personal room. For more information on how to schedule a meeting, visit Scheduling a meeting with your personal account page. Please note there are other web conferencing tools available for class meetings and lectures in the university’s learning management systems. See the information on the Technology Tools for Faculty webpage at the universitywide COVID-19 website.
2. Thoughtfully distribute your meeting invitation.
Please ensure that all of the invitees are appropriate for the meeting and discourage invitees from forwarding the meeting invite.
3. Restrict access to the meeting.
Lock the meeting once all attendees have joined the meeting. This practice prevents more attendees from joining. Hosts can lock or unlock the meeting at any time while the session is in progress. To lock a meeting that you’re currently hosting, select Meeting > Lock Meeting.
For personal rooms, this option will allow anyone joining the meeting, including participants who have been invited to the meeting, to enter into the lobby of the meeting to await admission by the host and/or moderators of the meeting.
For most scheduled meetings, participants will not be able to join even if they have been invited.
To unlock a meeting that you’re currently hosting, select Meeting > Unlock Meeting.
4. Validate identity of all users in a call.
Accounting for every attendee by using a roll call is a secure practice. Ask users to turn on their video or state their names to confirm their identity.
5. Remove a participant from the meeting.
Participants can be expelled at any time during a meeting. Select the name of the participant whom you want to remove, then select Participant > Expel. If it is necessary to expel disruptive participants, it is best to lock the meeting as described above. Doing so will prevent expelled attendees from attempting to rejoin and cause further disruptions.
6. Share application, not screen.
Use Share > Application > instead of Share > My Screen to share specific applications and prevent accidental exposure of sensitive information on your screen.
For more Webex security best practices, please visit Cisco Webex Best Practices for Secure Meetings: Hosts resource at the Cisco Webex Help Center.