Jitsi Meet is an open source video conferencing solution that can be hosted on-premises or in the cloud. Compared to hosted services like Google Meet, WebEx, or Zoom, Jitsi calls are encrypted through your own server(s), providing enhanced privacy & security and peace of mind.
Online meeting applications such as Zoom require both moderators and guest attendees to install browser plugins, desktop or mobile clients to access their meetings. Security researchers & zero-day attackers have discovered security flaws in Zoom which allow attackers to remotely spy on your computer’s webcam and microphone. Some releases of Zoom also allowed attackers to elevate to root access on client machines, posing a critical security risk.
Although Zoom has patched the vulnerabilities that have been discovered so far, its sudden rise from 10 million to 200 million daily active users have made Zoom a prime target for cybercriminals who want to break into corporate and government networks. The situation is so severe that IT departments including at the Australian Defense Forces, Google, NASA, NYC Department of Education, SpaceX, and the Taiwan government have all forbidden their employees from using Zoom at work.
As Zoom struggled to keep up with the explosion in demand when “social distancing” and “work from home” policies came into place around the world, some Zoom calls outside of China were routed through Zoom’s Chinese servers. This is an enormous privacy concern for corporations and government organizations that are sensitive to cyber-espionage risks.
Normally Zoom calls are routed through the closest server to one’s geographic region. For example, a call between two attendees in Europe should normally stay within Europe. But when you entrust your privacy to a third-party such as Zoom, you can never know whether that is the case.
Jitsi is a more secure alternative to Zoom for video conferencing, because the traffic is routed through servers that you control. All connections are encrypted with your own SSL certificates, which means you don’t have to trust a third-party provider (unless you want to). These servers can reside in your office, a co-location datacenter, or a cloud provider.
Furthermore, Jitsi leverages the WebRTC protocol for streaming video, a standard that is widely maintained by major browser vendors – particularly the Chromium project. WebRTC has been found to adapt better to low-bandwidth connections with equal or better performance to proprietary codecs used by applications like Zoom.
Although Jitsi Meet can be used as a standalone voice & video conferencing server, it is commonly integrated with a chat app such RocketChat – an open source alternative to Slack. With the RocketChat integration, users can create 1-to-1 or channel calls with a single click from the RocketChat interface. Users can also join calls using the Jitsi Meet mobile app available for Android and iOS. Screen sharing without additional plugins (and if configured, call recording) is supported.
Jitsi Meet can be branded with your organization’s URL and logo so your customers have confidence that they are meeting with your employees on a trusted platform.
For 1-to-1 meetings, Jitsi can often establish a peer-to-peer link between the two attendees. For meetings with 3 or more people, the Jitsi Video Bridge (JVB) relays the audio and video streams between the attendees. Therefore, it’s important for the Jitsi Meet server to have a high bandwidth network connection, especially if you plan to host video conferences with a large number of attendees.
Setting up Jitsi Meet can be challenging for end user organizations, especially since most likely, their users will be behind a NAT. The Jitsi server may also be behind a NAT itself, whether it is a network gateway or a virtual network in Docker.
Ports 4443 (TCP) and 10000 (UDP) need to be open and forwarded to the server. With some network architectures, a STUN server is also needed to traverse NAT and discover the public IP addresses of the WebRTC peers. Otherwise, users will experience call failures or a “black screen” when turning on their audio and video.
Integrating Jitsi Meet with RocketChat can also be a challenge. If you only want internal users authenticated to RocketChat to be able to set up Jitsi calls using your Jitsi server, you need to set up a JSON Web Token (JWT). When a new meeting is set up, Jitsi will challenge the RocketChat server to provide the JWT. If the JWT matches the value that Jitsi Meet is expecting based on its configuration, then the room will be created.
Moderators can easily secure their Jitsi meetings by adding a password to their Jitsi meeting, which will prevent further attendees from joining unless they have the password. There is no limit to the number of Jitsi meeting rooms you can create, and the number of simultaneous calls is only limited by the bandwidth and processing power that your Jitsi deployment supports.
If you are concerned about the confidentiality of the voice and video calls that your users hold over Google Meet, Webex, or Zoom, you should consider deploying Jitsi Meet as a secure alternative. Browser vendors have security response teams that work around the clock to patch any vulnerabilities that are discovered in their browsers. As long as your end users practice good security hygiene and keep their browsers up-to-date, using WebRTC in Chrome or Chromium-based browsers is a more secure solution compared to installing additional third-party applications such as WebEx or Zoom.
Contact us about how Jitsi Meet and RocketChat can enable your remote workforce to stay productive even if they are not physically together in the same office. There are no per-seat license fees with Jitsi Meet or RocketChat, making them a cost-effective solution compared to Slack Premium or Microsoft Teams.
