Access management
Stay in control of your meetings
Effective management of access and meeting rights in Tixeo
limits intrusions and protects your sensitive communications and data.
Only your guests can participate in the discussion
Your online meetings often involve sensitive business information. Make sure every participant’s identity is verified.
Adapt the security level with profiles
With Tixeo video conferencing, CSPN-certified by ANSSI,
you can customise the security level of your meetings without complex configuration, thanks to security profiles.
Objective: strengthen the protection of access and data.
 |
With security profiles, configure different types of meeting by defining for each one:
When you create a meeting, simply choose the appropriate profile. |
 |
Security profiles are created and configured by the profile manager for each organisation. The meeting organiser has nothing to set up: they simply choose the profile that matches the sensitivity level of their meeting. |
 |
Profiles can be based on standard security levels (from Level 1 Public to Level 5 Top Secret) or on the organisation's internal classification. Examples:
|
Security profiles
With security profiles, configure different types of meeting by defining for each one:
- access conditions (Tixeo account creation or access via web browser),
- features to enable (screen sharing, recording, etc.),
- and the communication infrastructure used (geographical area or internal gateways).
When you create a meeting, simply choose the appropriate profile.
Profile configuration
Security profiles are created and configured by the profile manager for each organisation. The meeting organiser has nothing to set up: they simply choose the profile that matches the sensitivity level of their meeting.
Profile examples
Profiles can be based on standard security levels (from Level 1 Public to Level 5 Top Secret) or on the organisation’s internal classification. Examples:
- for a “Level 2 – Internal” profile, screen sharing, recording and web access could be enabled.
- for a “Level 4 – Restricted” profile, it is preferable to limit access to authenticated members only, on an internal server, and without enabling recording.
Which profiles for which meetings?
Executive Committee, Board of Directors
For high-stakes meetings, restrict access to authenticated members only, disable screen sharing, and force routing through internal servers.
International subsidiary coordination and steering
For multi-site team meetings, select the corresponding local gateways: you enhance stream quality while ensuring your data remains within authorized perimeters.
Interviews, financial audits, provider follow-ups
For meetings with external partners, authorize web access via PIN code and adjust the features available during the session (recording, screen sharing, etc.).
Each access request is verified
Meeting participants must confirm their identity in order to access the following :
- their personal account,
- the list of scheduled meetings,
- the directory of contacts (first and last names),
- and the instant messaging feature.
Virtual waiting room
In the case of web access to a Tixeo meeting, the guest enters the PIN code received by email and enters a virtual waiting room. The organizer checks the attendance request and approves or disapproves it.
Participants’ rights
When they join a Tixeo videoconference, participants have only minimal rights:
- communicate by audio, video or messaging,
- view shared documents.
- in Conference mode, only messaging is available to participants.
Le participant à une réunion doit confirmer son identité afin d’accéder :
- à son compte personnel,
- à la liste des réunions,
- à la liste des noms et prénoms de ses contacts,
- et à la messagerie instantanée.
Salle d’attente virtuelle
Dans le cas d’un accès web à une réunion Tixeo, l’invité renseigne le code PIN reçu par mail et entre dans une salle d’attente virtuelle. L’organisateur vérifie sa demande de participation et l’approuve ou la désapprouve.
Droits des participants
Lorsqu’ils entrent dans une visioconférence Tixeo, les participants ne possèdent que des droits minimaux, à savoir :
- communiquer en audio, vidéo ou par messagerie,
- visualiser des documents partagés.
- en mode Conférence, seule la messagerie est disponible pour les participants.
Access privileges and permissions
With Tixeo, 5 permission levels are clearly defined to prevent security breaches and unauthorized access.
The administrator
Manages subscription and meeting server settings, appoints managers and ensures the technical maintenance of the system.
The organization manager
Manages license and meeting server settings, and can delegate user management and profile configuration.
The profile manager
Creates and manages an organization's profiles.
The user manager
Manages a server's user database, adds or removes accounts (Tixeo PrivateCloud or TixeoServer only).
The user
Can organize meetings, moderate one or several Workspaces, and join meetings as a guest.
Users can monitor more or less detailed statistics on the solution's usage based on their access privileges.
Discover video conferencing statistics trackingA lost or stolen device?
Easily manage the devices connected to Tixeo
Multiple devices
connected to the account
Loss or theft reported
directly by the user
Subscription manager notified.
Immediate alert
Access is revoked,
data is protected
Each user can connect multiple devices to their Tixeo account. In case of loss or theft, the user reports it directly from their account: the organization manager is notified and proceeds with revocation.
The conversation history in Workspaces remains intact and accessible from another device.
The benefits of controlled access management with Tixeo
Seamless security
Meeting security is configured automatically through profiles. Access conditions, authorized features, infrastructure used: everything is already set. No manual adjustments, no risk of oversight or error.
Regulatory consistency
With profiles defined by the profile manager and applied by organizers, your compliance requirements apply to every meeting, regardless of who organizes it, with no gaps between teams or sites.
Streamlined device management
The organization manager has a full view of registered devices and can remove any of them at any time, instantly revoking the associated access rights.
Data protection
The compartmentalization of Tixeo meetings ensures that audio, video and shared documents are accessible only to authorized participants, significantly reducing the risk of data leaks.
Participant control
When meeting access does not require a personal account, guests pass through a virtual waiting room where the organizer manually approves each participation request before any access to the exchanges.
Enhanced authentication
Tixeo offers several authentication levels: through a personal account or a unique PIN code, from the software or a web browser, to secure access to every meeting.
Since 2017, the French National Cybersecurity Agency (ANSSI) has renewed Tixeo's CSPN certification three times, a proof of reliability and commitment to cybersecurity.
For a CIO or a Security Officer, protecting access to corporate networks and resources is a top priority.
Whether deployed in the cloud or on-premise, Tixeo integrates seamlessly with your LDAP or Active Directory systems.
The organizer controls their meeting
Only the organizer holds all the rights in a meeting
to keep an eye on participants, before and during the exchanges.
Organizer rights
- Share documents (screens, applications, files…),
- Grant sharing rights to another participant,
- Remove the right to speak, or even the right to display the camera,
- Exclude a participant,
- Cancel a participant's invitation.
With Tixeo, an organizer can delegate the organization and management rights of a meeting from the very planning stage.
Meeting compartmentalization
Meeting separation is a fundamental requirement for Tixeo to prevent data leaks.
Why does it matter?
Session isolation
Every meeting runs in its own independent process: video and audio streams, along with shared documents, are accessible only to authorized participants.
No traces left behind
As soon as the meeting ends, all data associated with the video conference (history, messaging, files, recordings…) disappears. It is impossible to access data from one session in another.
Enhanced security
in physical meeting rooms
They would only see an unreadable sequence of digits, since they do not have your key.
At your next login to the software, a new encryption key will be assigned to you.
Zoombombing, an ongoing scourge
"Zoombombing" is an unwanted intrusion into an online meeting,
generally caused by a lapse in member rights and access management
and the mass sharing of a simple meeting link.
It can lead to:
- disruption of the meeting proceedings,
- leaks of confidential information,
- shock or offense to a group of underage or unsuspecting individuals,
- negative impact on the reputation of an organization or public administration, whose liability may be at stake.
2 examples of zoombombing:
- A video conference held by the then French Minister of Industry interrupted three times by pornographic videos, as the minister was addressing 200 voters from his constituency.
- An online meeting of the U.S. Federal Reserve, attended by around a hundred representatives of major American banks, was disrupted by an individual's intrusion and the broadcast of offensive videos.
How can I prevent intrusions in video conferencing?
Secure by design architecture
A Secure by Design video conferencing solution, like Tixeo, takes security criteria into account at every stage of its development.
Controlling meeting rights
Organisers must remain in control of their videoconferences, thanks to advanced rights management that optimises the efficiency of meetings.
Secure by design architecture
A Secure by Design video conferencing solution, like Tixeo, takes security criteria into account at every stage of its development.
Controlling meeting rights
Organisers must remain in control of their videoconferences, thanks to advanced rights management that optimises the efficiency of meetings.
Raising employee awareness
With the development of AI and deep fakes in video conferencing, employee training is essential to maintain the right security reflexes.
Augmented security
Tixeo’s Augmented security feature allows you to require a secret access code before entering into a critical exchange with one or more participants.
Raising employee awareness
With the development of AI and deep fakes in video conferencing, employee training is essential to maintain the right security reflexes.
Augmented security
Tixeo’s Augmented security feature allows you to require a secret access code before entering into a critical exchange with one or more participants.
For security reasons, we advise against sharing an online meeting invitation link too widely.
Tixeo complies with official recommendations
The European Union’s cybersecurity agency (ENISA) and the Cybersecurity and Infrastructure Security Agency (CISA) recommend a series of features for secure video conferencing tools such as :
- the virtual waiting room, to see and assess participants trying to access your event before granting them access
- participant rights management (screen sharing, recording or document sharing authorisations)
- the possibility for the organiser to withdraw one or more undesirable participants from the videoconference
With Tixeo, take advantage of these security features by default, to ensure the confidentiality, integrity and availability of your most critical online communications.
Organizations in sensitive sectors are now using Tixeo’s solution to secure their most confidential internal and external exchanges.
Everything you need to know about access and rights management
Definition of access management
What is access management?
Access management involves controlling user authorisations to access systems, data and IT services, often via an IAM (Identity and Access Management) solution.
What are the best practices for identity and access management (IAM)?
Best practices include centralised identity management, the use of multi-factor authentication, and the implementation of strict security principles.
Implementing an IAM solution requires centralised administration, well-defined management processes, and a robust cybersecurity policy.
What tools are used to manage access?
IAM solutions, PAM (Privileged Access Management) systems and advanced access control solutions. In addition, access should be audited regularly to detect any anomalies.
How does single sign-on work?
Single sign-on (SSO) is a rapid way of facilitating the login process by enabling a single digital identity to be used to access several applications.
Videoconference access management
Why is access management an issue for online meeting tools?
In a world where cyber-attacks are on the increase, implementing an effective security policy is essential to reduce the risks of hacking.
Companies share sensitive information during videoconferences, and this information is subject to covetousness. Recent examples of zoombombing are a reminder of the importance of effectively managing access issues for online meetings. Poor management of user roles can lead to data leaks, compromising information security. Implementing an access and rights control system is an essential challenge and an important step in software design to avoid the risks of unauthorised access.
How do you secure access to video conferencing data?
There are various rules for avoiding zoombombing situations. The access management policy is fundamental to protecting data. Secure access is based in particular on multi-factor authentication (MFA), authorisation management, control of rights and the implementation of a virtual waiting room or access via PIN code or unique identifier.
Tixeo's secure video conferencing solution includes advanced access and rights management as well as meeting partitioning. Several levels of security are available to adapt protection to the criticality of exchanges. Another of the best ways of limiting intrusions is to limit the sharing of meeting connection links. Access privileges are assigned on the basis of roles within the organisation, for precise and efficient management of authorisations.
What are the risks associated with poor access management?
Sharing a link to an online meeting has become widespread. However, widespread distribution of these invitations exposes organisations to the risks of zoombombing and data theft. Unauthorised intrusions into highly confidential or secret communications can have serious consequences for an organisation's reputation or even for national stability.
A case in point was in 2024, when a confidential videoconference exchange between German army officers on the war in Ukraine was leaked and sparked diplomatic concern.
The solution chosen by organisations must be compliant with cybersecurity and data protection regulations.
Access and rights management issues and challenges
Why is it important to manage access?
The main reason is that poor access management exposes the organisation to the risk of hacking and unauthorised access, and jeopardises its IT security. IT Departments need to implement an access management policy that complies with IT security requirements and current regulations. This also involves managing access to employees' workstations, whether they are in the office, working in a hybrid environment or teleworking.
Tixeo access and rights management allows you to strengthen the security of your hybrid work environment.
What are the challenges of access management?
Access management challenges require a rigorous approach to protect against the risks of zoombombing, security problems and identity theft. It involves the complex management of identities on a large scale, reducing the possibility of unauthorised access to data.
One of the advantages of Tixeo is its robust access control, which is essential for protecting sensitive information exchanged between employees. What's more, the solution complies with various European and international standards, such as those of ENISA and CISA, concerning the security of online communications.