Shopping cart
Your cart empty!
Documentation
Security & Compliance Guide
WhiteLabelZoom is built for organizations where security and regulatory compliance are non-negotiable. Self-hosted deployment, end-to-end encryption, and complete data sovereignty give you a video platform you can trust with your most sensitive communications.
Encryption
Multiple layers of encryption protect your video communications in transit and at rest. You control the encryption keys at every layer.
🔒
SRTP + DTLSWebRTC Media Encryption
All video and audio streams are encrypted at the transport layer using Secure Real-time Transport Protocol (SRTP) with Datagram Transport Layer Security (DTLS) key exchange. Media is encrypted from sender to receiver.
🔒
TLS 1.3Signaling Encryption
All signaling traffic — session negotiation, participant events, chat messages — is encrypted with TLS 1.3, the latest version of the Transport Layer Security protocol with stronger ciphers and faster handshakes.
🔒
AES-256Data at Rest
Stored recordings, chat logs, and user data are encrypted at rest using AES-256 encryption. You control the encryption keys on your own infrastructure.
Self-Hosted Security
When you self-host WhiteLabelZoom, there is no third-party vendor sitting between you and your data. Your encryption keys stay on your servers. Your video streams never leave your network. Your recordings are stored where you decide.
This eliminates the largest attack surface in any video platform: the vendor. No vendor-side data breaches. No changing privacy policies. No third-party employees with access to your infrastructure. You are the sole operator, and the security posture is entirely in your hands.
For more on the security advantages of self-hosting, see the Security page.
Access Controls
Control who can enter your meetings and what they can do once inside. Multiple layers of access control ensure only authorized participants join your sessions.
✓Meeting Passwords
Require a password to join any meeting. Passwords are set by the host and shared only with intended participants.
✓Waiting Rooms
Participants enter a waiting room and must be admitted by the host before joining the meeting.
✓Meeting Locks
Lock a meeting after all participants have joined. No additional participants can enter a locked meeting.
✓Role-Based Permissions
Define roles (admin, host, moderator, participant) with granular permissions for recording, screen sharing, chat, and participant management.
Audit Logging
Every administrative action is recorded in a tamper-evident audit log. Track who changed settings, created users, modified roles, or accessed recordings. Meeting-level events — participant join/leave times, recording start/stop, screen sharing sessions — are logged automatically.
Audit logs are stored on your servers and can be exported for compliance reporting, forensic analysis, or integration with your existing SIEM platform. Retention periods are configurable to match your regulatory requirements.
SSO Integration
Connect WhiteLabelZoom to your existing identity provider for seamless, centralized authentication across your organization.
SAML 2.0
Integrate with enterprise identity providers like Okta, Azure AD, OneLogin, and PingIdentity using the SAML 2.0 protocol. Users authenticate through your IdP and are automatically provisioned in WhiteLabelZoom.
OpenID Connect
Use OpenID Connect for modern OAuth 2.0-based single sign-on. Compatible with Google Workspace, Auth0, Keycloak, and any OIDC-compliant provider. Supports standard claims for user roles and group mappings.
Compliance Frameworks
Self-hosted deployment simplifies compliance because you are the sole data controller. There is no third-party vendor to audit and no data processing agreement to negotiate.
| Framework | Benefit | Details |
|---|---|---|
| HIPAA | Self-hosted eliminates BAA with video vendor | All Protected Health Information stays on your servers. No third-party vendor processes or stores patient video data. |
| GDPR | Choose your data residency | Deploy in the EU or any region. You are the sole data controller with full authority over processing and deletion. |
| FERPA | Student data stays on your servers | Educational institutions retain full control of student records and video data without sharing with external vendors. |
| SOC 2 | Deploy on SOC 2 certified infrastructure | Run WhiteLabelZoom on AWS, GCP, or Azure to inherit SOC 2 Type II certifications for your video infrastructure. |
| FINRA | Full recording retention control | Retain, archive, and audit all video communications on your infrastructure according to financial regulatory requirements. |
Security Hardening
Follow these best practices to harden your WhiteLabelZoom deployment and minimize your attack surface.
✓Firewall Rules
Restrict inbound traffic to only the ports required by WhiteLabelZoom (HTTPS, WebRTC media range, TURN). Block all other access at the network level.
✓Fail2Ban
Configure fail2ban to detect and block brute-force login attempts, repeated API authentication failures, and suspicious request patterns.
✓Regular Updates
Keep your operating system, Node.js runtime, and WhiteLabelZoom installation up to date. Security patches are released as they become available.
✓Backup Procedures
Implement automated backups for your database, recordings, and configuration files. Test restore procedures regularly to ensure data recovery capability.
Build on a Platform You Can Trust
Learn more about security, deployment options, or explore industry-specific compliance requirements.