Security of Your Communications

When holding corporate video conferences, privacy is an important factor – intruders should be prevented from accessing data even if they manage to invade a company’s internal network.

We take the privacy of our customers’ conferences seriously. TrueConf Server provides five security levels: from basic to cryptographically impregnable.

Level 1: Mandatory Authorization

Unauthorized users cannot access TrueConf Server (except for guests in public conferences) without authorization that always requires a login and password. Administrator create user credentials manually when configuring the server for each user separately, or automatically via synchronization with Active Directory.

Encryption authorization

Level 2: Proprietary Video Codec

To encode video streams, we use our own implementation of VP8 video codec with advanced SVC support. Eventually, even if a video stream is seized (which is also almost impossible – see the following sections), intruders cannot decode video by standard means.

Level 3: Control Data Encryption

Signalling informationthat controls how server and endpoints interact is transmitted over a secure channel with symmetric encryption via TLS Protocol (transport layer security protocol, advanced SSL enhancement). We use an open TLS implementation from OpenSSL, which ensures transparency of algorithm being used.

Level 4: Media Data Encryption

In addition, video and audio streams are encrypted according to AES-256, a symmetric encryption standard. This method works with a long key length (256 bits), which provides a high level of security, and AES (Advanced Encryption Standard) alone is a generally accepted standard. Even with a successful attempt to intercept traffic, intruders cannot reproduce data streams, since they do not know a secret key used by the endpoint and the server to encrypt this session.

Level 5: Integration with Firmware VPN Gateways

To ensure full privacy of your data, you can use software or firmware VPN gateways that provide end-to-end encryption of all corporate traffic between segments of your network when running TrueConf Server.