Close
Skip to content

Security

How Vidyo protects your video communication

Security

How Vidyo protects your video communication

Secure by design

Security starts with sound processes. Vidyo maintains an information security governance policy that controls the way the confidentiality, integrity, and availability of information is handled, thereby preventing misuse and malicious damage that could impact Vidyo operations and ultimately our customers and partners.

For healthcare organizations, VidyoConnect is fully HIPAA compliant. Vidyo does not store or access protected health information (PHI) of users of our healthcare cloud services, and will sign HIPAA-compliant business associate agreements

Key Security Features

  • SRTP media encryption
  • FIPS 140-2 certified libraries
  • Secure HTTPS login utilizing industry-standard PKI
  • TLS using strong encryption ciphers for signaling
  • Password hashing in database
  • Encrypted token technology for session security
  • No login information retained on the client

User Login and Database Security

Protecting the login process from eavesdroppers and hackers is fundamental to securing the VidyoConnect service.

No login information is retained by the Vidyo soft clients. For organizations that use an external database for user account management, LDAP, SAML, and Active Directory (AD) are supported.

All Vidyo endpoints connect through the cloud and are not directly accessible from another endpoint. Even on public networks, Vidyo endpoints are protected from unauthorized direct access through an IP address. The architecture provides the endpoint with a built-in layer of security from third-party hacking and voyeurism.

HTTPS with certificate support on login

VidyoConnect always establishes an encrypted HTTPS channel with each Vidyo endpoint that attempts to access the system. Before transmitting any login information, the Vidyo endpoint or web browser validates the VidyoConnect certificate and verifies it was issued by a trusted third-party certifying authority. Once the certificate is verified, login and password information is transmitted securely to VidyoConnect over the same encrypted HTTPS channel.

Encrypted tokens for session security

For HTTPS connections, the ciphers and key exchange method used are dependent on what the end user’s browser can support. However, Vidyo infrastructure components prefer to use the strongest available ciphers and will reject the use of known weak ciphers.

 

User Login and Database Security

VidyoConnect always establishes an encrypted HTTPS channel with each Vidyo endpoint that attempts to access the system. Before transmitting any login information, the Vidyo endpoint or web browser validates the VidyoConnect certificate and verifies it was issued by a trusted third-party certifying authority. Once the certificate is verified, login and password information is transmitted securely to VidyoConnect over the same encrypted HTTPS channel.

Spoof Prevention, Component Authentication
and Session Security

“Spoofing” is a tactic used by hackers to “steal” the identity of a trusted component of a network in order to gain access. Vidyo helps prevent spoofing through a rigorous component authentication scheme. Each server in the VidyoConnect network has a unique identifier that is communicated to the portal application over a secure link and is otherwise not accessible. New components added to the VidyoConnect network go to the portal application for configuration. If the portal application does not have a configuration defined for that machine’s specific ID, the machine is blocked from joining the network until the VidyoConnect administrator accepts the new ID and manually configures the component.

On the client side, a unique token is used to authenticate the endpoint to the portal application in lieu of the password, and the administrator of the portal application can define expiration rules requiring users to reauthenticate.

Richiedi una licenza gratuita di VidyoCloud

Compila il form qui di seguito, tutti i campi sono richiesti, e ricevi una licenza temporanea gratuita per provare le funzionalità della piattaforma.

Telefono

Telefono

Viale Sarca 336 Milano

Viale Sarca 336 Milano

Edificio 12

HEADQUARTERS

Viale Sarca 336, Edificio 12

20126 Milano

Tel: +39 02 270701

SEDE DI BOLZANO

Via del Vigneto 35/A

39100 Bolzano

HEADQUARTERS
Viale Sarca 336, Edificio 12
20126 Milano
Tel: +39 02 270701

SEDE DI BOLZANO
Via del Vigneto 35/A
39100 Bolzano

©2006-2021 Enghouse Italy S.r.l. – REA Milano 1345368 – Registro Imprese Milano P.IVA. 10140030155 – C.S. € 1.150.000 i.v. – Soggetta a direzione e coordinamento di Enghouse Holdings (UK) Limited