During this period of enforced telecommuting, use of video conferencing apps has soared. Among the many apps available, Zoom has emerged top of the heap with its lower price point and better functionalities. By now, most of you would have had a meeting on this platform at least once. However, are you doing so safely?
In a message by Zoom’s CEO Eric Yuan, their daily users have grown to more than 200 million, a massive spike from the 10 million users they had in December 2019. As the software is pushed into the spotlight, so too is its security and privacy, or lack thereof. This is underscored by them being sued in California for allegedly giving user’s data to companies including Facebook, without notifying their users adequately. Even the FBI got involved, advising users against sharing links widely after reports of unidentified individuals invading school sessions.
Given its popularity and increased usage, it is no surprise that cybercriminals are exploiting this opportunity. An increasing number of “Zoom” domains are being registered as well, so take a second look the next time you receive a link from “Zoom”. With our dependence on it for telecommuting during this pandemic, we must learn how to enjoy its benefits without being vulnerable to critical threats.
Update Your Software
Zoom updates its security features quite frequently to address bugs and security breaches. One such breach, the ability to discover and eavesdrop on meetings, were fixed in a recent update. However, if you have not updated your Zoom software, you would have missed out on this fix. Contrary to popular belief, the security breach is not fixed just because the developer has addressed it. You will need to run a software update before the changes come into effect.
Manage Your Meetings
You can choose to password-protect your meeting rooms, and it’s an option you should always take. This prevents anyone from randomly keying in a string of numbers and chancing upon your meeting room. However, that is not the only thing you can do. Pay attention to how participants get invited into the call as well. Connect to Zoom via SSO (single sign-on). As a host, you should also enable your “Waiting Room”. This way, you can screen the participants requesting access before letting them into the call, where sensitive information might be shared.
Once in the call, you can have the additional option of managing the type of content participants share. This could range from disabling participant’s screen-sharing capabilities, to muting their microphones and restricting the use of their camera. This will prevent instances of participants displaying inappropriate content during the teleconference.
For easier minute-taking, Zoom allows you to record your video calls and export them when the session is over. This is great for updating those who were not present at the meeting. However, this also means that your participants can export the recorded file. In the wrong hands, this could lead to severe data leaks. That is why you should also limit the participants who can record the session. Zoom lets you cherry-pick who has the right to record, and you need to make sure whoever is chosen has earned your full trust.
Of course, there is still the possibility of participants recording the meeting using external devices. A sensible rule of thumb is to always act under the assumption that you are being recorded. Regulate your information sharing accordingly during your Zoom sessions, and save really sensitive data for more secure means. After the call, make sure that you do not upload the videos to shared platforms or your iCloud, where other non-relevant parties could gain access.
Zoom is very likely going to be a big part of our communications moving forward, especially with remote work arrangements becoming more prevalent. It is expected to stay this way even after the pandemic, as this arrangement is less resource-intensive compared to managing a physical office. These small tips could save you a massive data leak down the road.