Zoom’s video conference app has recently drawn the attention of researchers and journalists to a range of possible privacy and security concerns, as the use of the platform grows as a result of an increase in remote work related to coronavirus. One of the main security issues Zoom faces is the “Zoombombing” wave when uninvited guests break into the meeting and interrupt it.
Recently, Zoom CEO Eric Yuan responded to complaints, saying that Zoom will pause app changes to fix security issues over the next 90 days. But let us first understand what exactly zoombombing is?
What is Zoombombing?
Zoombombing is a form of a security breach which illustrates when someone disrupts a videoconference chat happening on Zoom. People who use the zoom app report their meetings were intruded by random people who post offensive images, sharing personal information about people in the chat, or harassing them with hateful speech and menaces.
The concept is adopted from the Zoom video conference platform but has also been used to refer to the anomaly on any number of video conference platforms.
Most Zoom conferences have an open connection which allows them to enter if an individual click on it. Such connections were gathered by malicious individuals or Zoombombers and exchanged in private forums, then log into other people’s personal meetings to create havoc.
Zoombombing a meeting can really be quick. A quick Google search for URLs that contain “Zoom.us” will, in many cases, throw up the insecure links to several meetings into which anyone can leap. Likewise, links to public meetings can be found scattered across on social media platforms.
Zoom has patched some gaps in security and confidentiality but still has a lot to do before it regains the confidence of users. While there are no assurances against hackers, when using Zoom, there are several ways to protect your online meetings and boost your overall privacy level. If you are already a Zoom user and are uncertain about its operation, here are a few tips for keeping video calls secure and confidential.
Pro Tips for Avoiding Zoombombing
Information security and privacy experts have given various suggestions when organizing a Zoom meeting. The list of suggestions summarized below is to add certain protection and privacy attributes, I have also included some of the implementation processes:
Using the new version of Zoom with your accounts
Login in and upgrade to a new Zoom client or app version.
Zoom has implemented different changes to the application which includes user experience and security updates. These changes include a more noticeable “Security” icon for users to see and use, suppressing meeting ID numbers and modifying the default settings to include passwords and session waiting rooms.
This will give you access to the meeting settings before setting it up and ensure that there are up-to-date security updates on your device. You may also use a web version of Zoom, but not all of the latest features are included so some of these tips might not work. Zoom eliminated the remote Web server from its new software versions. If you’ve recently downloaded Zoom, no need to think about the vulnerability.
Shut out unauthorized participants
Don’t give out invitations to Zoom Meetings or Meeting IDs to individuals who you don’t want to be a part of the meeting. Use the “Lock Meeting” option under the participants’ pop-up box for additional protection so that nobody else can enter once the participants you expect are online.
Currently, you can also lock the meeting in the host toolbar. So in case, if anyone leaves for some reason, they won’t be able to join again.
Switch off the participant screen sharing
Another way to avoid Zoombombing is by switching off the screen sharing feature of the Zoom platform. As the title indicates, for better communication, it lets others share their screen with those in the meeting. If you don’t want this to happen, though, you can turn on the ‘Security’ tab.
If a video is “stopped,” a host doesn’t have the power to restart the video that is, a host can revoke permission to share video for an individual, but can’t start video for another person – they can simply submit a notice asking them to use video.
You should make sure that photos, pictures or anything else “only” from your device or phone can be brought into the meeting.
Using “mute all” feature
The host has to mute audio for all participants once the meeting has begun. To do so, press Manage Participants in the Zoom Meeting screen in the bottom row. Look for the button that says “More” on the menu which opens to the right of your video display. Tap it, you will see the menu. Try to ensure that “Mute Participants On Entry” is marked, and “Participants To Unmute” themselves are unmarked.
Before joining a meeting, keep the video and microphone off
Switch off the camera and microphone by default to prevent being caught unaware, or by mistake causing other members to overhear a family member who might be talking when you first attend a Zoom group.
Go to Settings and click Video, then check “Turn off my video when you join a meeting.” Do the same for “Mute microphone when you enter a meeting” under Audio. Later, when you are able to participate in the conference, you can unmute your video and microphone.
For things not addressed in this article, please check the additional instructions on the Zoom web page.
If you’re searching for an alternative to Zoom, there is already a variety of solutions for video-conferences. There are established platforms that people can identify with, such as Skype by Microsoft, Webex by Cisco, Hangouts by Google, BlueJeans and Starleaf.
Skype, which is owned by Microsoft unveiled a new feature called Meet Now earlier this year which allows any user to start or enter a group video call as a guest without signing up as a Skype user. But the feature does have its own safety drawbacks. Skype creates an invitation link that any individual with the link can join the meeting immediately and the links do not expire.
There is a valid reason why Webex, the video conference platform from Cisco, has the look and feel of Zoom. This is because it also runs on limited bandwidth lines with high-definition video images, cost savings, and tight protection of information. This is an ideal service for exchanging, presenting documents, or viewing participants live on screen or capturing all of the meeting’s photos and content, the meeting’s data is strictly controlled.
Hangouts (Google Meet)
Google Hangouts which was recently renamed as Google Meet is not rich in functionality but is very simple to use in return. Another compelling feature of this platform is that it makes audio meetings for up to 150 people. Free Hangouts also enable 10-person image chats, instant messages and screens content sharing.
The company recently announced that its paid features, including video conferencing for up to 250 members live streaming up to 100 000, and that the user’s option to record meetings would be free until September.
Calls through this platform are encrypted by default. BlueJeans provides one of the best security but has some limitations. Registering for BlueJeans isn’t free and even the $13.99 a month “Pro” account has a limit of 75 people.
StarLeaf British platform is bound to UK domestic data protection regulations and end-to-end video conversations are encrypted. The company has been providing its services globally for free since the pandemic. But it has its limitations: Video conference calls are limited to 25 people, with a maximum duration of 45 minutes for each call. The paid plan for the platform allows conference for 100 people, and for an unlimited length of time.
Other alternatives also include Jitsi Meets and Whereby
The problem with dropping Zoom for another platform due to zoombombing is that they all have their own disadvantages, whether it’s the price, end-to-end encryption, or restrictions on the length of calls, or the number of members that can participate in a meeting.
In my own opinion, the best alternative for Zoom may not yet exist. But because of the zoombombing if you want to switch to another platform, we have mentioned