I am sure you all must have heard about the Zoom which has gained popularity amidst the Corona Virus outbreak. Recently, the app has faced a huge backlash due to a lack of security and privacy.
The Govt. of India said that the popular video conferencing app Zoom is not safe. The Ministry of Home Affairs has issued an advisory and asked the government employees to not use it for official work.
MHA has also issued guidelines through CyCord (Cyber Coordination Center) for private individuals to use the app. Here is a link to the guidelines issued by CyCord.
Germany and Taiwan were the first nations to point out the security flaws and have completely banned the use of Zoom in their nation. Several companies Apple, Google, and Tesla have warned their employees from using Zoom.
CyCord has shared a list of checks required to stop DOS attacks and enhance the privacy of the system. Here is the list:
- Setting new user ID and password for each meeting
- Enabling waiting Room, so that every user can enter only when the host conducting meeting admits him.
- Disabling join before the host.
- Allowing Screen Sharing by host Only.
- Disabling “Allow removed participants to Re-Join”.
- Restricting/disabling file transfer option (if not required).
- Locking meeting, once all attendees have joined.
- Restricting the recording feature.
- To end the meeting (and not just leave, if you are an administrator).
Zoom has been trending in India in recent weeks. It was also reported that details of over 5 Lakh Zoom accounts were listed on the dark web recently.
Are you concerned about the security flaws in the Zoom?
The company responded to the backlash and the founder CEO, Eric S. Yuan apologized and promised to freeze all development on new features and prioritize the privacy and security of the users in a blog post.
The company has responded to the security issues and introduced some new features like:
- New Password Requirements which will require a more complex password for the meeting.
- Zoom has introduced Longer Meeting ID’s to enhance security. The random meeting ID now requires an 11 digit instead of a 9 digit ID.
- All Cloud Recordings will be password protected now with a more complex password.
- Chat notifications on a desktop will now display an alert while the contents will remain hidden.
Additionally, Zoom will be working with Luta security under a 90-day get-well plan. Check out this page to know, How you can host a secure meeting on Zoom?
Head over to Zoom blog for more security updates.
Tell us what do you think about the Zoom in the comments below.