Zoom daily meeting has suddenly become a choice of collaboration for remote teams, the number of participants growing from 10 million in December 2019 up to 200 million in March, due to the COVID-19 situation
The sudden rise in demand for remote conferencing platforms has resulted in the exponential rise in the number of Zoom users. A 500% rise in the daily traffic to the Zoom platform has exposed users to certain privacy and cybersecurity issues. Unsurprisingly, recently Zoom’s shares have increased 74% while the global stock market is down by 21%.
Concerns and Allegations
Many privacy and cybersecurity concerns regarding Zoom have come up, including the below allegations:
- Zoom sending data of its iOS app users to Facebook for an ad, even if the user is not on Facebook
- Zoom’s window version is vulnerable to attackers who can send malicious links to users’ chat interfaces to gain access to the network credentials
- Zoom doesn’t require a user’s consent before allowing the host to record the session
- A security flaw is found in the platform that enables hackers to take over a user’s Mac, including tapping into the webcam and microphone
- Zoom has access to unencrypted video and audio from meetings
- Zoom has been alleged for violating the California Consumer Protection Act
Ways to Enhance Security and Privacy
With the increased number of privacy concerns, businesses are carefully weighing the risks and benefits of using Zoom conferencing over other platforms like WebEx or Skype. Companies who are still relying on Zoom are focusing on revising or implementing privacy protocols that leverage secure video conferencing software to mitigate associated privacy risks.
Looking at the massive risks that have been introduced, cybersecurity experts have highlighted some precautions that could help keep users safe:
- To mitigate the “Zoom bombing” risk, the setting should only allow the host to share the screen.
- The hosts should use a “waiting room” for all meetings— to ensure that the new attendees are approved before joining the meeting.
- The hosts should generate random meeting IDs instead of Zoom-generated links or their personal meeting ID.
- Users need to keep their microphones and cameras turned off unless they are speaking.
- Hosts need to prohibit local recording in order to mitigate the risks of disclosure of confidential information. The local recording option should be disabled before discussing proprietary or confidential information.
- Businesses should prefer using Zoom webinars over meetings whenever possible. Because webinars don’t include group participation, they are much less attractive targets for hackers with fewer security vulnerabilities.
With the unexpected situation of COVID-19, the dependency of businesses on collaborative communication tools has increased. Though these tools are now featuring automatic backup of stored data, end-to-end encryption, and seamless user interfaces to revolutionize remote working to help organizations cut costs on infrastructure. With the nature of cyber threats becoming increasingly complex, these tools will need to catch up by continuous evolution to ensure ease of use by not affecting the cost of security or efficiency.