Meeting bots are powerful tools that can significantly enhance virtual
collaborations. They excel at real-time transcription, creating accurate records of
discussions as they happen. They can automate note-taking, generate concise
summaries, and create lists of follow-up actions. By handling these tasks, they
enable participants to focus more on the content of the meeting, leading to more
productive and engaging discussions. Some meeting bots provide meeting analytics,
such as metrics on each participant's contribution and the emotional tone of
conversations.
Because of their usefulness, people have quickly adopted meeting bots to record
meetings and automate tasks on virtual meeting platforms. However, meeting bots can
pose significant risks to organizational security and privacy. They can join
meetings undetected, potentially recording sensitive conversations without consent,
leading to data breaches and confidentiality violations. Some meeting bots get
information from calendars, such as meeting schedules, participants, and topics.
This ability could also expose proprietary data to unauthorized parties.
To help you address the threats posed by meeting bots, SSPM now gives you
visibility into the meeting bots that
accessed meetings in the following virtual meeting platforms:
SSPM also detects the users who have synced meeting bots to their calendar (Google
Calendar or Outlook) to automatically join meetings.
To enable SSPM to scan these meeting platforms and calendar applications for meeting
bots, you onboard the
Zoom,
Office 365, and
Google Workspace apps to SSPM. If you
onboarded these apps to SSPM before SSPM introduced this meeting bot detection
feature, you must re-onboard them to enable meeting bot detection.
After you onboard one or more of these apps, SSPM scans your app instances at regular
intervals for a set of predefined meeting bots. SSPM displays this information in a
new Meetings page (). Initially, the Meetings page shows only information about users who
have synced bots to their calendar. SSPM displays information about bots that were
present in meetings only after new meetings are held, and SSPM runs its meeting
scans.
In addition to showing the number of meetings with bots and the bot users, SSPM shows
information that you can use to determine whether you want to allow the meeting bot
in your organization. For example, the Meetings page shows a risk score for each bot
and the number of external users who attended meetings where the bot was present. If
you determine that you don’t want to allow a particular meeting bot in your
organization, you can revoke the bot. Revoking a bot removes it from all the
calendars through which it could access meetings. If you linked SSPM to an issue
tracking system, you can, instead of revoking the bot, create a ticket to
investigate the bot usage further. For example, you could open a ticket to get more
information from the bot users.