Goodmeetings

goodmeetings-logo
Login

Security Policy

Chakadola Technologies Private Limited

Protecting your meetings

Pre-meeting settings:

Securing your meetings on the Goodmeetings platform can start before your meeting even begins, with a robust set of pre-meeting features.

  • Waiting Rooms: IT Admins can enforce waiting rooms at the workspace level in the “Settings” menu of the Goodmeetings account. This can be done separately for internal participants (i.e. for users within the same workspace) and external participants (i.e. for users outside the workspace).
  • Passwords: Passwords can be set at the individual meeting level or can be enabled at the user level for all meetings.
  • Join by Domain: Only authenticated users can join meetings which require individuals to sign into a Goodmeetings account and/or ensure their email address is authenticated (via SSO login or verification using a passcode) before allowing them to join the meeting.

In meeting settings:

Goodmeetings has controls at your fingertips to ensure your meetings are secure and disruption-free.

  • Security options within the meeting console: Meeting hosts can quickly access the app store to go to the security controls in the Settings section.
  • Remove participants: From that Participants menu, you can mouse over a participant’s name, and several options will appear, including “Remove”.
  • Disable video: Hosts can turn someone’s video off. This will allow hosts to block unwanted, distracting, or inappropriate gestures on video.
  • Mute participants: Hosts can mute/unmute individual participants. Hosts can block unwanted, distracting, or inappropriate noise from other participants.
  • Control screen sharing: The meeting host can turn off screen sharing for participants.
  • Control recording: The ability to record to the cloud or locally is something an account admin can control. If they have recording access, the host can decide to enable/disable a participant or all participants to record.
  • Turn on waiting rooms: The meeting host can turn on waiting rooms from within the meeting.


Protecting your data

Goodmeetings offers a range of authentication methods such as SAML, OAuth, and/or Password based which can be individually enabled/disabled for an account. Users authenticating with username and password can also enable two-factor authentication (2FA) as an additional layer of security to sign in.

Encryption and security

All communication between your browser and Goodmeetings is transmitted over an encrypted connection (HTTPS using TLS). Real time messaging is done using encrypted WebSockets or polling using HTTPS. By default, rooms are set to Group call mode, and will use a dedicated server infrastructure for calls. With this infrastructure, streams will always be encrypted (DTLS-SRTP) in transit, but will be decrypted and re-encrypted when passing through the video routers. In cases where a user is behind a strict firewall or NAT, video and audio need to be relayed via a TURN server, but end-to-end encryption is still maintained.

How we process & store media (audio/video)

We will never store any media sent between participants in a room. Both video recordings and transcripts are stored on our cloud. The user who starts the recording (the user must be internal to the workspace of the host to do this) are then responsible for getting consents from all participants in the meeting prior to starting the recording.

By default rooms are set to our Group mode that use a dedicated server infrastructure to allow more people in conversation, and better stability. Your stream will be sent through video router servers which transmits it to the other participants in the call, and also transmits their streams to you. With this infrastructure, streams will always be encrypted (DTLS-SRTP) in transit, but will be decrypted and re-encrypted when passing through the video routers.

We offer the use of a secure server. All supplied sensitive information is transmitted via Transport Layer Security (TLS) technology and then stored into our database to be only accessed by those authorised with special access rights to our systems, and are required to keep the information confidential.

Personal data we collect is stored on infrastructure provided by AWS and GCP in Mumbai. India. Both AWS & GCP implement and maintain industry- leading security standards.

Who has my credit card details?

We use Stripe for our credit card processing and storage. It is an extremely reliable, global payment processor that manages transactions for thousands of customers every day. It is PCI Service Provider Level 1, which is the strictest level of certification possible for a payment processor and uses high-level security to achieve this. It is also GDPR compliant. You can read more about the company’s security measures here:

https://stripe.com/no/payments

Incident Response

Goodmeetings maintains a structured Incident Response Plan to guide its response to security events, incidents and breaches of the security of Goo meetings services or corporate IT infrastructure.

In order to allow Goodmeetings to respond to incidents in an efficient and effective manner, including detecting, analysing, prioritizing, and handling of incidents, the following minimum conditions need to be met. Goodmeetings has to be given the opportunity to determine scope and risk, respond appropriately to incident, communicate results & risks to all stakeholders, and reduce likelihood of incident reoccurring.

For breaches affecting a specific customer, Goodmeetings will notify the account owner and administrator (s) through email or as specified in the fully executed service agreement. Further Goodmeetings will inform relevant regulatory authorities within applicable timelines as required under applicable laws.

Scroll to Top