Organisations depend on conference calls to run their daily operations and often discuss confidential and highly sensitive information on calls such as sales, supplier and executive management meetings, intellectual property discussions, high value business deal talks, crisis management calls or even discussions concerning disaster scenarios and national security.
But traditional conference calling services are open to abuse through unauthorised access. Where access security is in place for conference calls, it is often poorly managed with dial-in details and PINs seldom changing. A commonly reported scenario is for ex-employees to continue to access regular conference calls or pass details to unauthorised personnel.
Furthermore, as participants have become more dispersed, they often access conference calls using mobile phones, which are increasingly at risk of interception.
The Cellcrypt Secure Conference Service both authenticates the participant’s mobile phone and encrypts conversations end to end between each participant and the conference bridge, to ensure important conversations, from team briefings to board calls, remain confidential.
“Conference calls by their very nature typically contain some of the most sensitive and confidential information an organisation has,” said Simon Bransfield-Garth, CEO at Cellcrypt. “These calls are highly desirable to attackers, who know just how valuable the information is. As the risk of cellular interception has increased so has the vulnerability of mobile executives accessing conference calls from the mobile phones. Organisations should urgently review their communications practices and act to protect their mission-critical conference calls.”
The conference calling service is easy to use, with participants simply selecting a bridge number from their Cellcrypt Mobile enabled Blackberry or Nokia smartphone to enter the call. Office phones can also securely participate in conference calls when connected via Cellcrypt’s Enterprise Gateway solution.
Organisations can manage conference calls using a simple web console to define all users that may access the conferencing service, create bridge numbers, define policies such as user white lists and additional access PINs. Optionally, a bridge may allow access from selected public telephones using Caller ID and PINs for authentication in geographies where the threat of interception is regarded as controlled (the call segments from public telephones are not encrypted).
The service builds on Cellcrypt’s existing solutions that provide encrypted voice calls on mobile phones, such as BlackBerry and Nokia smartphones, delivering government-grade security in an easy-to-use application that makes highly secure calling as easy as making a normal phone call. Utilising the IP data channel it supports all major wireless networks, WiFi and satellite. Encryption is government-grade and certified to FIPS 140-2 standard by the US National Institute of Standards and Technology.