Category

Pick a topic

What is end-to-end encryption and why it matters

Ring Central Blog

Share

URL copied
5 min read

Highlights:


This is the second blog of our RingCentral MVP™ security series. Check out the previous post where we highlight the four building blocks of security in RingCentral MVP.


 

Video conferencing has been a key part of global team collaboration. Now that work-from-anywhere is spreading to local teams, video conferencing has moved from a key business enabler to a business necessity. 

You need to have confidence in your video conferencing and overall collaboration solutions. Are they always available? And are they “securely available”? And are your communications themselves available to you and your teams and no-one else? 

Everything you need to know about RingCentral security.

Read the white paper

The first step to secure communication is to use encryption—an important method for businesses to protect their information. Encryption makes information unreadable, where only those individuals with the appropriate keys can decipher encrypted data and read it. 

Encryption is therefore an important way to protect your data, especially if that data has to be transmitted over a public network. Most secure communication protocols (such as TLS, HTTP/S) occur between systems, or “points,” and therefore provide “P2P” or point-to-point encryption. 

End-to-end encryption (E2EE) is the next step in secure communications. But what is E2EE, exactly? How does it secure messaging, video, and phone communications? What does it protect against? And who can access these E2EE communications? 

Let’s look at the basics.

Encrypted communications and video meetings  

Encryption of data in transit, over public and private networks, uses industry standard protocols to set up encrypted channels to protect data in transit between two points (known as point-to-point (P2P) encryption).

When used with standard protocols such as TLS, SRTP, even HTTP/S, P2P encrypted channels are established between two systems, such as the application used by the video participants and the video provider’s processing systems. 


Point-to-point data-in-transit encryption:

  1. The sender’s channel encrypts data to send to the provider (the video provider).
  2. The receiver‘s channel decrypts data received from the sender.
  3. The receiver (video provider) processes (unencrypted) information. 
  4. The receiver’s channel encrypts data to send to the sender.
  5. The sender’s channel decrypts data received from the receiver (the video provider).

P2P solutions result in the video conferencing provider setting up a P2P channel with each video conference participant. If there are 17 participants, the video conference provider has 17 P2P channels to manage with full access to all communications across these 17 channels. 

This allows the video provider to provide additional features, such as virtual backgrounds, meeting transcription and closed captioning, and chat translation of the decrypted ”in the clear” communications. 

End-to-end encryption, explained

End-to-end encryption (E2EE) is the next step in secure communication. It’s what happens when the endpoints are able to establish encryption keys without the involvement of any intermediaries. 

The endpoints can then use these keys to encrypt data (thus getting encryption in transit) knowing that the intermediaries cannot decrypt or read the in-the-clear communications. 

When using a dedicated E2EE messaging protocol (RingCentral uses Message Layer Security, or MLS), communications are end-to-end encrypted between meeting participants. Participants can have confidence that their communications can transit or pass through the service provider’s network without any chance of eavesdropping or processing by the service provider.  

In a nutshell, E2EE ensures that your meeting contents are confidential and can’t be modified. 


End-to-end encryption:

  1. The sender’s channel encrypts data to send to other participants via the video provider.
  2. The video provider processes encrypted information. 
  3. Other participant‘s channels decrypts data received from the sender.

The tradeoff with E2EE is that since the video provider has no access to the meeting contents, it can’t provide services such as video recording or live transcripts when processing is required at the provider’s back end.

(Spoiler alert: RingCentral is working to move critical processing to the client side to ensure that we can provide support such as closed captioning within an E2EE meeting. Watch this space.)

Why E2EE matters

For video meetings where you want total privacy and data security, E2EE adds an extra layer to mitigate risk and shield sensitive information. Here’s how:

Which is best for you?

Remember that there are advantages and disadvantages to both end-to-end (E2EE) and point-to-point (P2P) encryption.

With E2EE, you have total confidentiality and peace of mind that your video meeting is fully private—but value-added services such as live transcripts and cloud recording won’t be available.

With P2P or encrypted data-in-transit, you have protection from eavesdroppers while your communications are en route from sender to receiver; explicit provider access allows value-added services including live transcripts/closed captioning, cloud recording, and more. If you need to uplift your security, then E2EE is the way to go.

What 99.999% uptime really means for your business

Read the blog

Of course, how you approach each video meeting will be different. For example, a monthly all-hands meeting might benefit from services like closed captioning. A meeting to discuss sensitive financial or legal information, however, requires total privacy and deserves the uplifted security of end-to-end encryption

When coupled with RingCentral’s high availability (99.999% uptime, or less than 5 minutes of unplanned downtime a year), RingCentral’s E2EE video conferences provide unparalleled security and data protection with confidentiality, integrity, and availability. 

Go ahead. Try it out.

Last month, we announced the launch of end-to-end encryption, which is now available to all RingCentral users (currently in open beta). 

When you choose to activate end-to-end encryption, we won’t have any access to your meeting contents. At the same time, video meeting services will be disabled while E2EE is on. Hosts can toggle on E2EE when scheduling a meeting through the RingCentral app or RingCentral Scheduler for Outlook.

Learn more about using end-to-end encryption in our knowledge base article and FAQ

Originally published Sep 13, 2021, updated Sep 17, 2021

Share

URL copied

Related content

RingCentral updates

Introducing a new wave of innovations to supercharge global hybrid teams

Security

How we build enterprise-grade security into every part of RingCentral MVP

Security

What is C5 attestation and why is it important?

Before you go...
Get our very best content for free and start working better from anywhere
You’re in! Thanks for signing up. Keep an eye out for our emails in your inbox.
Get the Remote Work Playbook
Everything you need to know in one place
Get the 2021 State of Hybrid Work Report
Learn how businesses are managing a partially remote workforce
You’re in! Thanks for signing up. Enjoy your copy of the Remote Work Playbook.