Levels of Encryption Security
The Webex app encrypts messages, files, and names of spaces on your device before sending them to the cloud. When the data arrives at our servers, it's already encrypted. It's processed and stored until it's decrypted on your device. However, the app can’t provide end-to-end encryption for messages and files linked to in-app automation tools like bots or integrations or to Adobe Acrobat PDF and Microsoft Word documents sent to spaces from Box.
We use Secure Hypertext Transfer Protocol (HTTPS) to encrypt data while in transit between your device and our servers, which protects the identities of both senders and receivers.
Our end-to-end encryption uses Advanced Encryption Standard (AES) 128, AES256, Secure Hash Algorithm (SHA) 1, SHA256, and RSA.
For audio, video, and screen sharing, we encrypt shared content using the Secure Real-Time Transport Protocol (SRTP).
Security Features in Webex Spaces
You can add extra security by using moderators for teams and spaces. If teamwork is sensitive, you can moderate the space. Moderators can control who has access to the space, and delete files and messages.
Also, if any spaces include people from outside your company, you'll see some areas in those spaces highlighted, like the border, background, the icon in the message area, and their email addresses.
Privacy for Files and Messages
The Webex app uses advanced cryptographic algorithms to safeguard content you share and send. The only people who can view files and messages in a Webex space are those invited to that space or authorized individuals.
Password Security Standards
IT teams can add features that use existing security policies like single sign-on (SSO) or synchronizing Webex with employee directories. Webex automatically recognizes when someone has left a company, so former employees won't be able to access company data using the Webex.
Your company can also configure Webex so that it requires passwords and authentication that match your corporate security standards. The Webex app supports identity providers that use Security Assertion Markup Language (SAML) 2.0 and Open Authorization (OAuth) 2.0 protocols.