Regular corporate WebEx conference meetings lack passwords and are thus open to anyone who wants to listen in.
According to research by Brian Krebs on Cisco’s WebEx video and audio conference-based meetings, he found that many do not follow the basic best practice and allow virtually anyone to join daily meetings about apparently internal discussions and planning sessions.
Many meetings that can be found by a simple search within an organisation’s “Events Center” listing on Webex.com, which seem to be intended for public viewing, but it is often easy to discover a host of other, more proprietary WebEx meetings simply by clicking through the daily and weekly meetings listed in each organization’s “Meeting Center” section on the Webex.com site. Some entities even also allowed access to archived event recordings.
Cisco began reaching out to users and companies about a week ago, and today released anall-customer alert pointing customers to a consolidated best-practices document written for Cisco WebEx site administrators and users.