Zoom: How to Deal with the Vulnerabilities
by Elaine Evans, on Apr 3, 2020 1:36:40 PM
You may have read about how much Zoom is being used due to social distancing. You may also have heard about the serious vulnerabilities that have been discovered with the product.
Many people use or have started using Zoom and really love it as a conferencing tool. And if you’re just doing virtual Happy Hour, you may not be as concerned. Still, these existing security flaws are well worth considering.
So, what should businesses do? We don’t have all of the answers, but there are few steps that can be taken depending on your situation:
Keep Zoom updated.
Yesterday, Zoom released an update to help secure some of the vulnerabilities. We pushed this patch to our clients, but if you don’t have IT or a centralized device management solution, you can send an email out to your end users, requiring them to do the update.
This really goes for all your software, but considering the higher risk, you should make sure to reinforce this for your team.
Check your Zoom meeting settings for these items:
- Require a meeting passcode is checked (should be default, but people have seen this is inconsistent)
- Look at your participants in case you get a Zoombomber. You can mute them so that they can’t disrupt.
- Enable Waiting Room. It allows you as a Host to admit people before joining. A bit much to manage depending on your meeting size, but it can give you an added layer to someone penetrating.
Consider switching video conferencing platforms.
Zoom has its obvious upsides: it is easy to use and has unique features like audio streaming. However, it simply may not currently be secure enough for your environment. Currently, there is an FBI warning about the product. Consider switching to a less risky platform if your organization is concerned with (or obligated to) privacy and security standards.
Do your research before switching and understand that software providers update their products on a regular basis and vulnerabilities can appear with anyone who is not carefully monitoring and updating their products. Popular alternatives include Google Hangouts Meet, WebEx, Microsoft Teams.
Still concerned? Reach out and we may be able to help you with a plan. We offer IT support to hundreds of organizations.