Secure Online Meetings

Spot the drop-in attendee, remove them, lock the meeting, file the report.

What Is Secure Online Meetings?

Recurring internal meeting links accumulate exposure over time. They get pasted into Confluence pages, dropped into Slack threads, archived in calendar exports, and slowly leaked - until one Wednesday morning, an attendee you have never met joins your weekly project sync fourteen minutes in, claims to be a new contractor, and starts asking very specific questions about your customer database and where the data is stored. This exercise puts you in the host seat. You begin a routine team meeting, get interrupted by an unfamiliar attendee whose introduction is plausible enough that the polite move is to keep going, and have to choose between answering or stopping to verify. You read the participant card and find a free personal email address on a domain that has nothing to do with your company. You remove the attendee, lock the meeting so they cannot rejoin on the same link with a different display name, and file an incident report that lets SOC block the attacker at the meeting platform and hunt for parallel drop-ins on the rest of the company's recurring links. You then walk through the structural fixes - waiting rooms, passcodes, and a fresh meeting link per session - that prevent this attack from being possible at all.

What You'll Learn in Secure Online Meetings

Secure Online Meetings — Training Steps

  1. A Regular Wednesday Morning

    It is just past 10 AM. Alice settles into her home office for the team's weekly Q3 Roadmap Review with Marcus Webb and Sarah Chen. The meeting is recurring, the link has been the same for months, and the agenda is routine - Q3 priorities, customer migration timeline, and a few items to defer.

  2. Open The Meeting App

    The Q3 Roadmap Review is on Alice's calendar. Marcus and Sarah have already accepted; the meeting starts in a minute.

  3. Start The Q3 Roadmap Review

    The meeting is on today's schedule. Alice clicks it to start.

  4. The Meeting Begins

    Alice, Marcus, and Sarah are on the call. The team starts working through the Q3 priorities - the customer migration timeline first, then deferrals.

  5. An Unexpected Attendee Joins

    Fourteen minutes in, a fourth participant joins the call. The display name reads Daniel Foster . Alice does not recognise him - and there was no introduction email on the team thread this morning.

  6. Pause Before You Answer

    Daniel says he is a new contractor, his manager forwarded him the link, his camera is off because of his home network, and his first question is about the database the customer migration is hitting. Alice's instinct is to be polite and answer. But she has been hosting this meeting weekly for months and she does not remember anyone telling her there was a new contractor joining today. What is the safest next move?

  7. Read The Participant Card

    Alice opens Daniel's participant card. Display names are decoration. The address is the truth.

  8. The Probing Continues

    Daniel keeps going. The questions are not about the project - they are about the systems. Where the customer list lives. Whether someone can share the project board. Marcus has already noticed something is off.

  9. Remove The Attendee

    Enough. Alice opens the menu on Daniel's card and removes him from the meeting. If it turns out he was legitimate, an apology on Slack is cheap. What is not cheap is unsaying anything that has already been shared on the call.

  10. Lock The Meeting

    Removing him is not enough. The same link is still live, and a removed attendee can rejoin with a different display name in seconds. Alice locks the meeting so no new attendees can come in until she ends it herself.