In the wake of major security breaches, Zoom has settled with the state of New York with a pledge for greater privacy and default security settings on the now ubiquitous conferencing app.
Details of the settlement include new encryption and security measures to protect users of all kinds (paid, unpaid, teachers, and students). In addition to new privacy controls and a “comprehensive data security” program, they’ve acquired Keybase to help ensure privacy while conferencing at every level.
The COVID-19 outbreak spurred an unprecedented move from office to remote work, from schools to distanced learning and from in-person social gatherings to virtual happy hours and birthday parties. Zoom has been the primary beneficiary of this historic shift.
The problems for the software company began in late March when users began to report “zoombombing.” Zoombombing occurs when an unwanted visitor joins a zoom meeting. This phenomena triggered an FBI investigation into the dramatic increase in video hacking. The investigation revealed, among other things, dangerous security flaws in the now incredibly popular software.
Findings included a lack of end-to-end encryption—a system that excludes outsiders from accessing communications between designated individuals—despite Zoom’s advertising its use. Other findings revealed major security flaws, including software that could add users to calls without their permission and give hackers access to users’ Mac computers, including the use of their microphones and cameras.
Motherboard found that Zoom was also selling user data to Facebook for advertising purposes, and while Zoom denied such a claim, the stipulation was included in a California lawsuit that was filed at the end of March.
Moving Forward with Zoom
The now indispensable app has improved security for users of all types, sharing detailed information and instructions for end-users on their website to instill greater confidence while using the app. But for those who are looking for a more detailed look at how to protect their privacy and company information from potential hackers, here are the things you need to know.
1. You Can Now Password Protect Your Meetings
If you’re creating a meeting with coworkers, friends, family, or anyone else, you can now create a password for the invitees. This will prevent any unwanted hijackers from jumping into your meeting unexpectedly. This feature can be found under the “settings” tab once you’ve logged into Zoom.
2. You Can Now Meter Who Joins Your Meeting with Waiting Rooms
Chances are, you learned about this feature the hard way, when one of your team members started pinging you that they couldn’t get into your meeting. The Waiting Room feature is super helpful once you know that it exists. As the host of the meeting, you can now keep every new meeting member in a waiting room and let each one in after vetting their identity.
3. You Can Now Use a Randomly Generated ID
Instead of using your own personal meeting ID, you can create a randomly generated ID every time you invite folks to a new event. This is another way to prevent potential hijackers from jumping into your meetings.
More Tips for Hosting a Successful, Safe Meeting with Zoom
In addition to the new and enhanced features Zoom has implemented in the wake of the breaches, hacks, and lawsuits, there are also some best practices that you can use to ensure that your meetings and online social engagements go smoothly without any unwanted interruptions.
Lock it Down: Once your meeting has started, and all desired participants are accounted for, you can virtually lock the door to your meeting to prevent anyone else from joining. You can do this in the “Manage Participants” tab.
Disallow Screen Sharing: While this isn’t ideal for social calls, it might be a good idea for team meetings at work to prevent any unwanted bombing or accidental show and tell. (We’ve all seen these online by now.) You can do this in the “Security” tab.
Always Update: Software companies like Zoom are always updating their systems to account for the latest breaches, hacks, and potential issues caused by negative outside forces. One of the best pieces of cybersecurity advice for every end-user of just about every type of software is to stay up-to-date on software updates. Zoom is not an exception.
Zoom is not Malware
Contrary to what some experts were claiming at the beginning of the Zoom security controversy, Zoom is not actually Malware. It remains to be seen whether the changes they’ve made are foolproof, but in the age of the internet, virtually nothing is 100% foolproof. Zoom has become and will likely remain the go-to conferencing tool for businesses and individuals as remote work and social activities become a regular feature of our daily lives, at least until something better comes along. But whatever may eventually replace it will come with its own set of problems.
Practicing good password hygiene, using secure VPNs, especially for corporate functions, and understanding the best practices for video conferencing are all great ways to keep your personal information and meetings secure in post–COVID-19 life.
For more information on the Zoom settlement, visit DataBreach.