In the wake of the COVID-19 pandemic, Zoom Video Communications experienced a significant explosion in its userbase with the platform’s daily average users skyrocketing from 10 million daily users to over 200 million.
This significant increase in attention has lead to Zoom entering the spotlight following rising privacy and security concerns discovered by security industry leaders and privacy-conscious users. As organizations continue to accommodate remote working and determine the best ways to manage a remote workforce, news about security issues regarding the applications needed to support them will be a significant concern.
In this bite-sized article we will cover:
Zoom Video Communications is an American cloud-based video conferencing company. It was founded by Eric Yuan in 2011 and is based in San Jose, California. Zoom offers free and paid tiers of its platform and attendees can join a Zoom meeting without downloading an application or making a dedicated account, making it a popular choice for convenient video conference meetings for both enterprise and personal use.
Controversies surrounding Zoom’s privacy and security issues have caused many organizations to outright ban the use of the platform. As the situation evolves and Zoom continues to work to address the discovered issues these companies may consider allowing the platform.
Organizations That Have Banned Zoom Video Conferencing:
The phenomenon known as “Zoom Bombing” involves unwelcome users gaining access to meeting rooms and sharing grotesque content with unsuspecting users. This practice has been especially troubling for new users that have begun using Zoom to keep in touch with family members partaking in mandated social distancing throughout the COVID-19 pandemic.
How Zoom Bombing Happens:
Once inside a Zoom meeting room, the malicious hackers shout profanities and share grotesque content with meeting attendees by taking advantage of Zoom’s default settings that allow new users to share their screens. This is especially troubling for Zoom’s pre-defined and reusable Personal Meeting IDs (PMI) as users of the Free tier cannot change their PMI by default, leaving future meetings susceptible to abuse when bad actors illicitly share their PMI.
With some adjustments, Zoom is safe to use for most people as the latest influx of controversy (such as Zoom Bombing) has stemmed primarily from abuses made possible by the default privacy and security settings of the platform.
For enterprise users, security considerations for using Zoom are entirely different. Concerns surrounding claims that Zoom is not end-to-end encrypted as advertised and a formerly unpatched UNC vulnerability that had allowed hackers to steal Windows credentials have lead security-conscious enterprises to question if the platform meets their cybersecurity needs.
To address the incoming wave of privacy and security concerns from privacy-conscious users and enterprise customers alike, Zoom has released a statement to its customers about the steps they will be taking to improve the security of their platform.
Highlights: What Zoom is Doing To Fix Security Issues
As the situation continues to evolve there are likely to be several new features and adjustments to Zoom’s default settings. If you would like to stay up to date with the latest Zoom security and privacy updates, the CEO and Founder of Zoom (Eric Yuan) has started hosting weekly webinars on Wednesdays at 10am PT from their website.
If security and privacy concerns surrounding Zoom have you searching for alternatives, the below list of Zoom competitors are suitable options video conferencing.
Designed with enterprise users in mind, Cisco Webex provides features for teleconferencing, interactive webinars, cloud calling, and team collaboration. Their offerings have recently been updated to enhance the features of their free plan to address the need for video conferencing options following social isolation orders related to COVID-19.
Microsoft offers two video conferencing products – Microsoft Teams and Skype. Skype is best for personal video calls with family and friends, and Microsoft Teams is recommended for schools or enterprises looking for added collaboration features for remote learning and the management of project teams.
Free users of Google Hangouts can have group calls of up to 10 people. With multi-platform support for Android, iOS, and the web, the free version is suitable for small virtual social gatherings, though participants will need a Gmail or Googlemail email address to participate. The paid tier of Google Hangouts (Google Hangouts Meet) is included as part of existing GSuite subscriptions. To help businesses and schools during COVID-19, Google is offering all tiers of GSuite customers access to the video conferencing features that were previously only available for enterprise customers – Up to 250 participants per call, live streaming for up to 100,000 viewers, and the ability to record meetings and save them to Google Drive