Working Remotely - Zoom Security

December 14, 2023

Zoom and other video conferencing software are becoming a routine part of this new corona virus world. Our CEO, Tom Blanchard, was contacted by the media team at The Dunstan Group to get his opinion on Zoom security issues. We’ve also included our newsletter on Zoom Security Issues & Tips below. You’ll find what we think is very helpful information on how you can protect yourself using Zoom.

Zoom Security Issues & Tips

It's a very different world today than it was just a few weeks ago and that includes the technology we use on a daily basis. Many of our clients are working from home and utilizing video conferencing tools like Zoom to stay in contact with their coworkers, clients and other business contacts. As a result, we'd like you to be aware of why companies like Zoom are experiencing security-related issues and what you can do to help make your video conferencing experience more secure. We're going to discuss Zoom in particular, but it's safe to say the same applies for other video conferencing software as well.Why is this a problem?According to Zoom, their usage has increased from 10 million daily users in December to over 200 million in March. Additionally, their CEO, Eric Yuan, says in best in his recent blog post saying, "Our platform was built primarily for enterprise customers - large institutions with full IT support.". He continues to say, "We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home. We now have a much broader set of users who are utilizing our product in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived. These new, mostly consumer user cases have helped us uncover unforeseen issues with our platform."What is the problem?Zoom is experiencing a wide variety of security & privacy issues. The website Motherboard found that Zoom was sharing data with Facebook, even data on people who are not Facebook users. Zoom says that was a mistake but is now facing a class action lawsuit. Zoombombing has become a new term to describe hackers that somehow obtain a link to a Zoom meeting, join the meeting and disrupt the meeting by posting pornographic images and other inappropriate material. Additionally, Zoom has become an easy target for Brute Force attacks where hackers are obtaining data from Zoom meetings.What can I do to protect myself?We're providing some simple recommendations that can greatly increase your security while using Zoom.

  1. Don't use confidential information when creating a zoom meeting. According to security professionals, hackers can obtain a meeting's date, time, organizer & topic. Currently, there is no evidence we've seen that shows hackers are able to view the actual video from Zoom meetings. Just be careful with the text you type in when using Zoom.
  2. Don't share control of your screen when hosing a public Zoom meeting. The internet is riddled with user experiences that shared their screen with the wrong person, only to have a hacker essentially take over the meeting. Be very careful when sharing control of your screen!
  3. Understand that anyone with your meeting ID can access your meeting. If you invite someone to your meeting and their email has been hacked, you're essentially opening up your meeting to the world.
  4. Require users be signed into Zoom with the same email address you used on their invitation. A paid version of Zoom is required. You can use Zoom's Authentication Profiles to lock down your meeting. You can require everyone in the meeting to have an actual Zoom account that matches the email address you choose. See the following link for How To Steps:
  5. Send the meeting password separately. Zoom has a feature that will allow you to require a password to enter a meeting. An easy way to add an extra layer of security is to make sure you do not include the password when sending out the meeting ID. Send a second communication with the password and, if possible, use a different method of communication to send the password. This would be a very helpful step for more confidential meetings.

It appears Zoom is going to be part of our lives for at least the near future. In response to the issues we've mentioned and more, the Zoom CEO has announced that they are halting development on new features for the next 90 days to focus on these security & privacy concerns. In the meantime, we hope these little security tips will help ensure you have a more secure Zoom experience.Thanks very much everyone.Tom Blanchard & the team at Sterling Technology Solutions