Webex

Webex

Cisco
Wi-Fi

Review date: Sept. 8, 2021

|
|

Mozilla says

|
People voted: Somewhat creepy

Webex is a video call app made by Cisco targeted at business users. It did beef up its free version when the pandemic hit in 2020. The free version offers up to 100 participants per call and meetings as long as 50 minutes. Webex offers the standard fare of video call app features – high quality video and audio, downloads on desktop or mobile app or access through a browser, screen sharing and recording, and the like. Webex is used by many healthcare businesses as it can be compliant with US HIPAA medical privacy laws. Cisco Webex also touts their pioneering use of artificial intelligence in their video conferencing product to do things like facial recognition, meeting transcription, and an in-meeting AI personal assistant.

What could happen if something goes wrong?

Webex by Cisco seems to put a strong emphasis on security with its products. For a product that's used frequently by financial and healthcare providers and can be HIPAA compliant, that is a good thing. End-to-end encryption isn’t enabled by default, so good to enable that, even though it will cause some features to not work. Webex has had a few known security vulnerabilities pop up. Fortunately, it looks like the company was responsive when these vulnerabilities were discovered and quick to push a fix out to their users. They do say they can collect a fair amount of data, as most of these video call apps outside of the privacy focused apps seem to do. They say they won’t sell this data but they can share it with other Cisco businesses as well as third-parties and contractors. And we found the password requirement for free users is weaker than for business users, so if you're using the free version of WebEx, it's probably still wise to make your password something really long and complicated like "iMNotW3aringpAnyPanTsiNThisM33ting!" or something like that.

mobile Privacy warning Security A.I.

Can it snoop on me? information

Camera

Device: N/A

App: Yes

Microphone

Device: N/A

App: Yes

Tracks location

Device: N/A

App: Yes

What can be used to sign up?

What data does the company collect?

How does the company use this data?

Cisco claims to not sell data nor to serve ads on its app. They also promise to not track your usage or content for advertising purposes. However, the data may be shared with numerous Cisco's business partners, service vendors, authorized third-party agents, contractors, etc.

How can you control your data?

The retention rights are stated, but the retention periods are missing in Cisco's privacy policy. The method of data retention is data being either destroyed, deleted, anonymized, and/or removed from their systems. It's great to know they have a method to destroy data. We want to know how long they retain data and we could find no mention of that.

What is the company’s known track record of protecting users’ data?

Average

In November 2020, a flaw was discovered in Cisco Webex Windows application, with the help of their bug bounty program. With this flaw, a ghost could stay in a meeting while not being seen by others, even after being expelled by the host. Cisco addressed this vulnerability, and the company is not aware of malicious use of the vulnerability that is described in this advisory.

Can this product be used offline?

Not Applicable

User-friendly privacy information?

No

Privacy policy could be simplified

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

No end-to-end encryption by default. End-to-end encryption can be enabled at the cost of some features not working.

Strong password

Yes

Password requirements could be stronger for free users. Business users are required to create a passphrase with "at least 8 characters, at least one number, at least one lower case letter, at least one upper case letter, at least one special character." For free users, password requirements are only six characters minimum, with at least one number and one letter.

Security updates

Yes

Webex updates its mobile apps at least once a month.

Manages vulnerabilities

Yes

Webex parent company Cisco has a bug bounty program and there is a successful track record of its implementation.

Privacy policy

Yes

https://www.cisco.com/c/en/us/about/legal/privacy-full.html

Does the product use AI? information

Yes

Cisco is involved in the application of a range of AI-based technologies including natural language processing, speech technology, speech to text (STT) and text to speech (TTS), speech transcription and translation, noise detection and removal, face recognition, people insights.

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?

No

Does the user have control over the AI features?

Can’t Determine


News

Rethinking Zoom? How WebEx, Teams, and Google Meet and Duo Compare on Privacy and Security
Inc.
If you're among the many looking for a new video conferencing tool after adding "zoombombing" to your vocabulary, you're in luck. While a one-size-fits-all solution doesn't exist, there are many other options with proven security features. Here's a roundup of some of Zoom's competitors and their privacy and security features.
Cisco Webex Meetings Review
PC Magazine
Video conferencing service Cisco Webex Meetings offers a generous free plan and it's dropped its price considerably in the past couple of years. However, it has some feature limitations you'll need to test carefully before committing.
Cisco Clarifies Privacy Policy for Webex Videoconferencing
Consumer Reports
Cisco is making it easier to find out what personal information the company collects and how it uses it during videoconferencing calls on its Webex platform.
Webex security flaw allows people to secretly sneak into meetings as "ghosts"
TechRepublic
Now patched by Cisco, three flaws in Webex would have given intruders full access to a meeting without being seen, says IBM.
Cisco patches dangerous Webex vulnerability
Computer Weekly
Cisco is moving to patch a serious vulnerability in version 40.4.12.8 of its Webex video-conferencing Windows client that could allow attackers to open, read and steal potentially valuable or damaging content.
Collaboration in the Age of AI: How Cisco is Pioneering the Use of AI and Emerging Technology Within Collaboration
WebEx Blog
Artificial intelligence (AI) has become all the rage. Just the mere mention of it makes us think of hi-tech and some futuristic state that promises simplicity and instant knowledge.

Comments

Got a comment? Let us hear it.