• Home

  • Documents

  • MIKOGO SECURITY DOCUMENTLayer (SSL), which is the most widely used Internet standard for securing...
6
MIKOGO SECURITY DOCUMENT

MIKOGO SECURITY DOCUMENTLayer (SSL), which is the most widely used Internet standard for securing sensitive web data communications. SSL web server certificates are provided and signed

  • Upload
    others

  • View
    6

  • Download
    0

Embed Size (px)

Citation preview

Page 1: MIKOGO SECURITY DOCUMENTLayer (SSL), which is the most widely used Internet standard for securing sensitive web data communications. SSL web server certificates are provided and signed

MIKOGO SECURITY DOCUMENT

Page 2: MIKOGO SECURITY DOCUMENTLayer (SSL), which is the most widely used Internet standard for securing sensitive web data communications. SSL web server certificates are provided and signed

Page

2.

3.

3.

3.

3.

4.

4.

4.

5.

5.

5.

5.

5.

5.

5.

5.

6.

6.

The Most Important Facts in a Nutshell

Content Security

User Interface Security

Infrastructure Security

In Detail

Application

Firewall Compatibility

Content Security

Data Compression and Encryption

Website SSL Encryption

Digitally Signed Software

User Interface Security

Roles and Responsibilities

Session Parameters

Organizer, Presenter and Participant Privileges

Infrastructure Security

Conclusion

Table of Contents

Page 3: MIKOGO SECURITY DOCUMENTLayer (SSL), which is the most widely used Internet standard for securing sensitive web data communications. SSL web server certificates are provided and signed

Screen Sharing has never been so easy

3 www.mikogo.com

www.mikogo.com 3

The Most Important Facts in a Nutshell

Content Security

Data Compression and Encryption

All content that is shared with the participant in the meeting is compressed with proprietary compression algorithms. This compressed content can be interpreted only by the appropriate Mikogo participant software. Moreover, Mikogo never sends meeting content in clear text, but encrypts all data using 256-bit AES encryption.

Website Encryption The Mikogo website is secured with 128-bit encryption using Secure Sockets Layer (SSL), which is the most widely used Internet standard for securing sensitive web data communications. SSL web server certificates are provided and signed by VeriSign/Thawte.

User Interface Security

Session ID and Session Password

A randomly generated 9-digit session ID is assigned to the session organizer to uniquely identify the session. A session password can be defined for additional security. Sessions can only be joined with the session ID and the session password if any.

Roles and Responsibilities

There are several roles in a Mikogo session: organizer, presenter and participant. The organizer needs a username and password and is the only user who can start sessions. The presenter has the capability to share data. The presenter determines what is shared in a session and the level of access that the participant will have during a session. The presentation rights can be handed over. Before becoming the presenter, the participant has to explicitly agree to transmit their computer screen. These same explicit agreements are also made when granting remote control rights. It is not possible to view or control the computer screen without the explicit consent of the presenter.

Infrastructure Security

Third Party Access Prevention

We employ state of the art firewalls, network monitoring, and intrusion detection tools. Strict change management is employed and additional internal security policies and procedures are enforced.

No Session Data is stored

Dynamic session content displayed during a Mikogo session originates only from the presenter’s machine. The participant sees only representations of this data. At the conclusion of a session, all such representations dissipate.

Page 4: MIKOGO SECURITY DOCUMENTLayer (SSL), which is the most widely used Internet standard for securing sensitive web data communications. SSL web server certificates are provided and signed

Screen Sharing has never been so easy

4 www.mikogo.com

www.mikogo.com 4

In Detail Provided by the global online collaboration solutions provider Snapview, Mikogo is an innovative desktop sharing tool used for sales, marketing, training, project management and customer support. Snapview endeavors that the Mikogo services meet the most stringent corporate security requirements. Mikogo assigns data security the highest priority in the design, deployment and maintenance of its network, platform and services. The purpose of this document is to provide information on the data security features and functions that are available in Mikogo and inherent in the underlying communication infrastructure. We discuss the following items in this document: application, firewall compatibility, content security, user interface security, and infrastructure security.

Application The Mikogo software communicates with the Mikogo servers located in North America and Europe using proprietary protocols and data exchange methods. It is impossible to participate in a Mikogo session without the close coordination between the Mikogo software and the Mikogo servers. The data in a Mikogo session is shared using the software, which must establish a connection with a Mikogo server. These security features are inherent throughout the session. Each session is dynamic and involves a handshake between the Mikogo software and the Mikogo server, and the communication between these components is by default compressed, encoded, and encrypted.

Firewall Compatibility The Mikogo software communicates with the Mikogo servers to establish a reliable and secure connection. When a session is started, the Mikogo software determines the best method for communication. The Mikogo software connects to the Mikogo servers using TCP or http/https protocols over port 80 or 443. In case TCP connections are blocked, the Mikogo software will tunnel all communications using http/https. Regardless of the type of connection that is established when the session is started, firewalls do not have to be specially configured to enable Mikogo sessions.

Page 5: MIKOGO SECURITY DOCUMENTLayer (SSL), which is the most widely used Internet standard for securing sensitive web data communications. SSL web server certificates are provided and signed

Screen Sharing has never been so easy

5 www.mikogo.com

www.mikogo.com 5

Content Security Mikogo provides several controls to prevent unwittingly sharing data during a session. The presenter can hide the screen at any time to browse through their own confidential files. The presenter can also hide the desktop’s wallpaper, the desktop contents, and the taskbar.

Data Compression and Encryption All content that a presenter shares with the participant in a session is only a representation of the original data. In addition, all content that is shared with the participant in the session is compressed with proprietary compression algorithms. This compressed content can be interpreted only by the appropriate Mikogo connection software. Moreover, Mikogo never sends session content in clear text, but encrypts all data using 256-bit AES encryption (Advanced Encryption Standard).

Website SSL Encryption Mikogo secures its website with 128-bit encryption using Secure Sockets Layer (SSL), which is the most widely used Internet standard for securing sensitive web data communications. SSL web server certificates are provided and signed by VeriSign/Thawte.

Digitally Signed Software All software components provided by Mikogo are digitally signed using VeriSign/Thawte certificates, the leading certificate authority.

User Interface Security Mikogo security is also enforced through a variety of mechanisms exposed through the Mikogo user interface. The available options depend on the role a session participant assumes.

Roles and Responsibilities There are several roles in a Mikogo session: organizer, presenter and participant. The organizer needs a username and password and is the only user who can start sessions. The participant can participate in a session. Both, organizer and participant can become presenter and show their screens.

Session Parameters The organizer can specify a 9-digit session ID or use a randomly generated 9-digit session ID to uniquely identify the session. A session password can be defined for additional security. Sessions can be joined by either entering the session ID manually or by clicking on the join session URL in an email invitation or instant message. In either case, it is recommended that the organizer explicitly informs the participant of the existence of the session either by phone or by email.

Organizer, Presenter and Participant Privileges Only an organizer can start a Mikogo session using a unique username and strong password. The organizer has the first level of control in the session. The viewing direction can be switched by both the organizer and the respective presenter at any time during a Mikogo session and requires the explicit consent of the participant. The presenter has the capability to share data. The presenter determines what is shared in a session and the level of access that the participant will have during a session.

The presenter may grant remote control permissions. At any point during such a session the presenter can immediately revoke the participant’s remote control privileges by pressing Ctrl+F12 (or Ctrl+ESC on a Mac computer) on the keyboard or by clicking on the M icon in the system tray and selecting Disable Remote Control. This allows full control over what can occur during times of remote control.

Page 6: MIKOGO SECURITY DOCUMENTLayer (SSL), which is the most widely used Internet standard for securing sensitive web data communications. SSL web server certificates are provided and signed

Screen Sharing has never been so easy

6 www.mikogo.com

www.mikogo.com 6

The organizer may actively request remote control privileges. The presenter always has to explicitly agree to grant remote control rights. It is not possible to control the computer without the explicit consent of the presenter. Both, organizer and presenter can switch the viewing direction. However, the participant first has to explicitly agree to become the presenter and to show their computer screen. After the participant has become the presenter for the first time during a session, the organizer can take back presenting rights for themselves and become the presenter again even without the consent of the participant. However, when switching the viewing direction, the organizer always has to explicitly agree to become presenter. Both, organizer and presenter can end the session at any time.

Infrastructure Security Mikogo maintains a distributed network of high-speed switching servers. Session data originating from the presenter’s machine and arriving at the participants’ machines is switched – never stored – through the Mikogo switching server network. No session data is stored on the Mikogo servers.

There is no need to upload content to the Mikogo servers prior to a session. Dynamic session content displayed during a Mikogo session originates only from the presenter’s machine. The participant sees only representations of this data. At the conclusion of a session, all such representations dissipate. All that remains of a Mikogo session is ancillary information like billing records, not a record of the conversation itself.

Snapview invests a lot of time and energy into developing, deploying and maintaining a secure environment for the Mikogo services. We employ state of the art firewalls, network monitoring, and intrusion detection tools. Strict change management is employed and additional internal security policies and procedures are enforced.

Conclusion Snapview pays careful attention to the incorporation of security principles and standards in the design and operation of the Mikogo infrastructure and services. The data security of Mikogo will remain the highest priority at Snapview, enabling us to continue achieving the goal of providing efficient and secure online real-time communication services.

www.mikogo.com


Securing the SSL/TLS channel against man-in-the-middle ...€¦ · • If a single one is broken, all TLS/SSL domains are prone to attacks 9 . ... Securing the SSL/TLS channel against

Securing the SSL/TLS channel against man-in-the-middle ...€¦ · • If a single one is broken, all TLS/SSL domains are prone to attacks 9 . ... Securing the SSL/TLS channel against

Documents
SSL Implementation and Website Security Best …...SSL Implementation and Website Security Best Practices, Version 01 Securing Websites via SSL Certificates is No Longer an Option,

SSL Implementation and Website Security Best …...SSL Implementation and Website Security Best Practices, Version 01 Securing Websites via SSL Certificates is No Longer an Option,

Documents
Licensing VeriSign Certificates: Securing Multiple Multiple Srv.pdfof configurations.This document explains the licensing and proper use of VeriSign® SSL certificates for securing

Licensing VeriSign Certificates: Securing Multiple Multiple Srv.pdfof configurations.This document explains the licensing and proper use of VeriSign® SSL certificates for securing

Documents
Securing Online Businesses Against SSL-based DDoS Attacks · 2017. 3. 7. · Protecting Online Businesses Against SSL-based DDoS Attacks Whitepaper Smart Network.Smart Business. 5

Securing Online Businesses Against SSL-based DDoS Attacks · 2017. 3. 7. · Protecting Online Businesses Against SSL-based DDoS Attacks Whitepaper Smart Network.Smart Business. 5

Documents
Securing Apache Kafka · 2020. 7. 31. · Kafka CSD auto-generates listeners for Kafka brokers, depending on your SSL and Kerberos configuration. To enable SSL for Kafka installations,

Securing Apache Kafka · 2020. 7. 31. · Kafka CSD auto-generates listeners for Kafka brokers, depending on your SSL and Kerberos configuration. To enable SSL for Kafka installations,

Documents
Securing REST APIs with SSL/TLS - owasp · Securing REST APIs with SSL/TLS Youssef Oujamaa OWASP Netherlands 2016-04-21

Securing REST APIs with SSL/TLS - owasp · Securing REST APIs with SSL/TLS Youssef Oujamaa OWASP Netherlands 2016-04-21

Documents
Mikogo Version 4 Mac User Guide

Mikogo Version 4 Mac User Guide

Documents
Securing Your Condor Pool With SSL

Securing Your Condor Pool With SSL

Documents
Securing Remote Access With SSL VPNs: A Best Practice Primer

Securing Remote Access With SSL VPNs: A Best Practice Primer

Documents
Securing GroupWise ® end-to-end with SSL Mike Bills ATT Engineer, Novell Inc. mbills@novell.com

Securing GroupWise ® end-to-end with SSL Mike Bills ATT Engineer, Novell Inc. [email protected]

Documents
Mikogo User Guide Linux Version...Mikogo User Guide - Linux Page 5 of 24 Start a Session Follow the steps above to open the Mikogo application on your computer. Please click on the

Mikogo User Guide Linux Version...Mikogo User Guide - Linux Page 5 of 24 Start a Session Follow the steps above to open the Mikogo application on your computer. Please click on the

Documents
Seite 1 Mikogo Gebrauchsanleitung · Mikogo Benutzerhandbuch Seite 3 von 24 Registrierung Mikogo ist eine einfache Software zur schnellen Übertragung Ihres Bildschirms. Ihre

Seite 1 Mikogo Gebrauchsanleitung · Mikogo Benutzerhandbuch Seite 3 von 24 Registrierung Mikogo ist eine einfache Software zur schnellen Übertragung Ihres Bildschirms. Ihre

Documents
Securing Insecure Networks SSL/TLS & IPSec. 4-1: Cryptographic System Copyright Pearson Prentice-Hall 2010 2

Securing Insecure Networks SSL/TLS & IPSec. 4-1: Cryptographic System Copyright Pearson Prentice-Hall 2010 2

Documents
SA4500 FIPS and SA6500 FIPS SSL VPN Appliances€¦ · maintenance. SSL is the most widely deployed security protocol in the world, securing billions of dollars in online banking

SA4500 FIPS and SA6500 FIPS SSL VPN Appliances€¦ · maintenance. SSL is the most widely deployed security protocol in the world, securing billions of dollars in online banking

Documents
Securing MySQL with a Focus on SSL

Securing MySQL with a Focus on SSL

Technology
Securing your WebSphere Message Broker - SHARE · Securing your WebSphere Message Broker David Coles ... WS-Security • Demo / Sample • ... More details on implementing SSL authentication

Securing your WebSphere Message Broker - SHARE · Securing your WebSphere Message Broker David Coles ... WS-Security • Demo / Sample • ... More details on implementing SSL authentication

Documents
Vertaisohjauskoulutus Skype & Mikogo 11 3 2010

Vertaisohjauskoulutus Skype & Mikogo 11 3 2010

Education
QRG - Securing Apache HTTP with mod ssl for Linux - Stewing Home

QRG - Securing Apache HTTP with mod ssl for Linux - Stewing Home

Documents
Mikogo Web Conferencing & Remote Support: User Guide · Mikogo User Guide Page 4 Furthermore, along with the icon, a Mikogo shortcut icon will appear on your computer desktop. For

Mikogo Web Conferencing & Remote Support: User Guide · Mikogo User Guide Page 4 Furthermore, along with the icon, a Mikogo shortcut icon will appear on your computer desktop. For

Documents
Mikogo User Guide Online Webconferencing Tool

Mikogo User Guide Online Webconferencing Tool

Documents
Securing SSL Certificate Verification through Dynamic Linking

Securing SSL Certificate Verification through Dynamic Linking

Documents
Securing Multiple Domains with SAN/UCC · While SSL/TLS is standardized, there are differences between SSL/TLS providers and the certificates they offer. Here are some important criteria

Securing Multiple Domains with SAN/UCC · While SSL/TLS is standardized, there are differences between SSL/TLS providers and the certificates they offer. Here are some important criteria

Documents
Securing Oracle Coherence · Configuring a .NET Client-Side Stream Provider 6-16 Using SSL to Secure Federation Communication 6-17 Encrypting SSL Passwords 6-18 Controlling Cipher

Securing Oracle Coherence · Configuring a .NET Client-Side Stream Provider 6-16 Using SSL to Secure Federation Communication 6-17 Encrypting SSL Passwords 6-18 Controlling Cipher

Documents
Securing SSL Certificate Verification through Dynamic Linkingbates/documents/Bates_Ccs14.pdf · test of time, reliably establishing destination identity in SSL connections has proven

Securing SSL Certificate Verification through Dynamic Linkingbates/documents/Bates_Ccs14.pdf · test of time, reliably establishing destination identity in SSL connections has proven

Documents
No Waiting with Mikogo

No Waiting with Mikogo

Technology
Mikogo 4 User Guide Win

Mikogo 4 User Guide Win

Documents
vCloud Director Security - vCloud Director 9 Security Requirements 15 Certificates 17 Firewalls 19 Load Balancers and SSL Termination 20 Securing AMQP (RabbitMQ) 21 Securing Cassandra

vCloud Director Security - vCloud Director 9 Security Requirements 15 Certificates 17 Firewalls 19 Load Balancers and SSL Termination 20 Securing AMQP (RabbitMQ) 21 Securing Cassandra

Documents
Securing Connections with Digital Certificates in … · Securing Connections with Digital Certificates in Router ... Server sends a copy of its SSL Certificate, ... Export the certificate-request.pem

Securing Connections with Digital Certificates in … · Securing Connections with Digital Certificates in Router ... Server sends a copy of its SSL Certificate, ... Export the certificate-request.pem

Documents
SECURING - Scale Dynamix · Securing WooCommerce • Use a good hosting provider • Use SSL. Use Really-simple-ssl plugin if there are mixed-content warnings • Use strong passwords

SECURING - Scale Dynamix · Securing WooCommerce • Use a good hosting provider • Use SSL. Use Really-simple-ssl plugin if there are mixed-content warnings • Use strong passwords

Documents
Benefits of Securing Website With SSL Certificate

Benefits of Securing Website With SSL Certificate

Internet