As video conferencing continues to grow in importance for businesses, end-to-end encryption has never been a more critical feature for securing this communication channel. You need to have confidence in your video conferencing and overall collaboration solutions. Are they always available? And are they “securely available”? And are your communications themselves available to you and your teams…and no one else?
End-to-end encryption (E2EE) is the next step in secure communications. But what is E2EE, exactly? How does it secure messaging, video and phone communications? What does it protect against? And who can access these E2EE communications? Let’s find out.
In this article, we’ll cover:
End-to-end encryption (E2EE) is a powerful security and privacy control that ensures your online meeting contents are confidential and secure. E2EE provides privacy for privileged conversations as well as security protection against third-party intrusion and cyber attacks.
End-to-end encryption (E2EE) technology prevents any unauthorised third party from accessing users’ communications. With E2EE, the endpoints (sender and receiver) are able to establish encryption keys without the involvement of any intermediaries. The endpoints can then use these keys to encrypt (and decrypt) data, as seen in this diagram:
For video meetings where you want total privacy and data security, E2EE adds an extra layer to mitigate risk and shield sensitive information.
As a result, there are two really important benefits that E2EE provides for video conferencing:
With E2EE, data is encrypted the entire time it traverses the provider’s network. Because only participants can decrypt the communications, bad actors at the provider’s side, or anywhere in between, can’t eavesdrop on your communications.
With E2EE, if someone tries to modify or tamper with your communications, you will know because they won’t decrypt properly.
Encryption of data in transit, over public and private networks, uses industry standard protocols to set up encrypted channels to protect data in transit between two points (known as point-to-point (P2P) encryption).
When used with standard protocols such as TLS, SRTP, even HTTP/S, P2P encrypted channels are established between two systems, such as the application used by the video participants and the video provider’s processing systems.
P2P solutions result in the video conferencing provider setting up a P2P channel with each video conference participant. If there are 17 participants, the video conference provider has 17 P2P channels to manage with full access to all communications across these 17 channels.
This allows the video provider to provide additional features, such as virtual backgrounds, meeting transcription and closed captioning and chat translation of the decrypted ”in the clear” communications.
E2EE is different from standard encryption. With standard encryption, which is on by default, data in transit is encrypted using Transport Layer Security (TLS), and data at rest is encrypted with AES-256. Additionally, with standard encryption, RingCentral is able to provide additional benefits to enhance the communications to make a richer user experience – such as recordings, AI transcripts, whiteboards and much more.
With E2EE enabled, RingCentral cannot offer these enhanced experiences but in exchange provides the utmost privacy and security for an organisation’s communications.
Remember that there are advantages and disadvantages to both end-to-end (E2EE) and point-to-point (P2P) encryption.
With E2EE, you have total confidentiality and peace of mind that your video meeting is fully private, but value-added services such as live transcripts and cloud recording won’t be available.
With P2P or encrypted data-in-transit, you have protection from eavesdroppers while your communications are en route from sender to receiver; explicit provider access allows value-added services including live transcripts/closed captioning, cloud recording and more. If you need to uplift your security, then E2EE is the way to go.
Of course, how you approach each video meeting will be different. For example, a monthly all-hands meeting might benefit from services like closed captioning. A meeting to discuss sensitive financial or legal information, however, requires total privacy and deserves the uplifted security of end-to-end encryption.
When coupled with RingCentral’s high availability (99.999% uptime, or less than 5 minutes of unplanned downtime a year), RingCentral’s E2EE video conferences provide unparalleled security and data protection with confidentiality, integrity, and availability.
With E2EE, no unauthorised 3rd party can access communication content: including RingCentral. Think of us as the conduit between two or more parties but the communication content travels through RingCentral. We cannot read, see or hear what’s being communicated.
This functionality will be available to all RingCentral MVP users, whether they are inside a company communicating with each other or interacting with external guests, as long as they are signed into a RingCentral account.
With E2EE cryptography, the private keys are stored on the endpoint devices and E2EE messages can only be decrypted using these keys.
Let’s use an example of video or voice. A RingCentral user generates audio or video streams that are encrypted, packetised, and then sent to the backend RingCentral servers. The backend then sends it further to the recipients. But only the recipients can decrypt it.
The key management is completely outside of the backend even though it distributed them. The backend works directly with the endpoints for key distribution.
We built our E2EE using Message Layer Security (MLS). MLS is a security layer for encrypting messages in groups of size two to many. It is designed to be efficient, practical and secure. In contrast, other popular consumer and business applications that use E2EE technology use the Signal protocol, which is a non-federated cryptographic protocol that can be used to provide end-to-end encryption for voice calls and instant messaging conversations.
However, Signal-built E2EE solutions are not as scalable when compared to MLS-built ones. As a result, they will have performance issues such as CPU usage, memory issues and lag when going beyond 1:1 conversations – a limitation that does not exist with RingCentral E2EE as a result of using MLS.
For compliance minded organisations, IT administrators can turn E2EE on/off at any time. Additionally, IT administrators have cryptographic access to messaging data and can export messaging data if needed. RingCentral also plans to empower customers to enable content capture and supervision with select partners for E2EE voice, chat and video next year.
“With RingCentral’s E2EE for video, and soon, phone calls and messaging, organisations can use RingCentral’s native capabilities to simplify their technology stack with one offering. We believe our approach to end-to-end encryption across message, video and phone is truly differentiated, and represents the most complete deployment of E2EE for enterprise communications, to date,” said Michael Armer, chief information security officer at RingCentral.
“People exchange millions of calls and messages a day on RingCentral’s platform. With our new E2EE, we’re extending enterprise-grade privacy and security controls for our customers, giving them the freedom to have confidential conversations across any mode.”
Published byAs we step into the evolving workplace of 2024, RingCentral acknowledges the unique challenges organisations…
Good communication is at the heart of every successful business, regardless of size or industry.…
As financial pressures continue to build for local government, public services are feeling the impact.…
Further and Higher education is an ever-growing market. As more international students choose the UK…
As businesses increasingly embrace digital transformation and seek ways to transform the customer experience, AI…
For the 9th consecutive year, RingCentral has been named a Leader in the 2023 Gartner®…
This website uses cookies for analytics and functionality purposes. If you continue browsing our website, you accept these cookies.