Zug, Switzerland, 14. January 2021 – VNC, a leading developer of open source-based enterprise applications, lists the most important parameters to consider when encrypting video streams.
The exponential growth of distributed and networked workplaces has brought communication security into sharper focus. Both in the workplace (home office) and in education (remote learning), videoconferencing has become an indispensable channel of communication. However, justified security concerns have also been raised, making further expansion difficult. VNC sees end-to-end encryption of video streams as the right way to achieve greater security. However, the synchronous communication typical for videoconferences demands special security mechanisms as the number of participants grows. VNC lists the three most important criteria:
1. Encryption via WebRTC: WebRTC is a proven industry standard for securing video streams. Similar to the HTTPS protocol and like a VPN connection, the data is thereby secured by a hermetic tunnel. WebRTC should be standard in modern video applications as secure encryption for video conferencing. WebRTC peer-to-peer is often sufficient for small numbers of participants and low bandwidth requirements.
2. The use of video bridges: The performance of WebRTC, however, deteriorates with higher numbers of participants. This is why WebRTC-compatible video bridges are needed, since they require less bandwidth on the client side and are therefore more suitable for 1:N video communication. Encryption of the transport connections is still based on WebRTC. The video bridge itself is operated on dedicated servers, which should be under the control of the respective organization. If videoconferences are recorded, these often very large files should of course also be stored in encrypted form. The same also applies to whiteboards, for example.
3. End-to-end encryption: Videoconferencing is usually one of many communication channels, such as messenger, chat or email, used in collaboration. Often, one or more formats are used in parallel. Therefore, from a security perspective, it is important to avoid application proliferation. Integrated communication suites with a common code base for all functional modules facilitate end-to-end encryption. This also generally applies to auditability of security standards. Partially functional video solutions on a closed-source basis – in contrast to open-source solutions – use proprietary, non-standardized software modules and thus make security audits more difficult. OMEMO-based encryption is therefore recommended for chat applications.
“Video communication has become a mainstay of collaboration in education, at work and is also playing an increasingly important role in private life,” explains Andrea Wörrlein, Managing Director of VNC in Berlin, Germany, and member of the Board of VNC AG in Zug, Switzerland. “Technologies such as WebRTC and video bridges with secure encryption should therefore be natural features of a video conferencing solution.”
VNC – Virtual Network Consult AG, based in Switzerland, Germany and India, is a leading developer of open source-based enterprise applications and positions itself as an open and secure alternative to the established software giants. With VNClagoon, the organization with its global open source developer community has created an integrated product suite for enterprises, characterized by high security, state-of-the-art technology and low TCO. VNC’s customers include system integrators and telcos as well as large enterprises and institutions. Further information: https://vnclagoon.com
VNC – Virtual Network Consult AG
Phone: +41 (41) 727 52 00