Configuration Guidelines for Secure Conferencing

To minimize the risk of toll fraud and unauthorized access to information via Audio, Web and Video conferences, perform the following configuration:

  1. Ensure that users publish password-protected conferences:

    • Click System Options.

    • Ensure that Allow users to publish conference only with password is enabled.

  2. Unpublish all Conferences that have been published without passwords:

    • Under Monitoring, click Manage Published Data.

    • In the "Conferences Published without a Password" table, click Unpublish All. This action removes public access to the conferences, documents, and recordings.

  3. Enable the Leader Required option for all conferences. After this option is set, a leader must be present even for one-time and recurring conferences. This requirement is applied to all users for all previously scheduled conferences and new conferences.

    • Under Provisioning, click Default User Settings.

      1. Under Conference Settings dropdown menu, select Reservationless calls allowed, leader required.

      2. Click Save and then click OK.

      3. Click Restore all Users to Defaults.

  4. Disable the ability to dial out at the server level:

    1. Clear the Dial out allowed box to disable this functionality. Note that this prevents dialing out to clients including the AWV PC client, dialing out from the Conference Join page, and dialing out to the UC360.

    2. Click Save and then click OK.

    3. Click Restore all Users to Default

  5. On the PBX, apply a Class of Restriction (COR) on the AWV extensions that disallows international calls (if acceptable).

In addition, to the above settings, instruct users to apply the following parameters when setting up conferences:

  1. Require approval for conference access:

    1. Log into MiCollab End User Portal.

    2. Click Audio, Web and Video Conferencing.

    3. Click Set up A Conference.

    4. Select a type of conference.

    5. Under Call Features, Personal ID check the Conference access requires approval box.

    6. Click OK. Users will need to enter a Personal ID to join the conference. A non-user can generate a guest id. The system then sends an e-mail to the conference owner, which the owner must approve before the user can join. The Leader can also approve users from his or her portal from the Approval tab in the conference. This setting restricts access to the join flow page which supports dialing out.

  2. Set a password at conference level:

    • Under Password Protection assign a Conference password. Users must enter the password to join the conference and to gain access to the join flow page which supports dialing out.