Is Zoom Safe to Use? The Most Secure Video Conferencing

The coronavirus spread made millions of people stay home and adjust to the new conditions to continue their work, studies, research, social gatherings, etc. Video conferencing has become one of the most effective tools for digital communications. Recent events connected with Zoom made users reasonably wonder what the most secure video conferencing tool is. Let’s have a closer look at this situation.

A Great Boom of Software and Zoom Security Breaches


As the popularity of various software for video calls has soared, millions of people started using Zoom. It provides the possibility to organize group calls, chats and meetings online. However, at the end of March, this program experienced ‘Zoom-bombing,’ intruders’ attacks where half a million Zoom accounts were hacked. Zoom users experienced unwanted meeting attendees and harassing participants. Moreover, there was a leak of users’ email addresses and photos. Additionally, the Zoom installer's deficiency lets attackers get root access to computers that have a malicious version.

Consequently, various governmental organizations and other companies have banned the use of Zoom for their workers. Among these are the German Foreign Ministry, the United States Senate, Google, Elon Musk’s SpaceX alongside NASA, New York’s Department of Education, and numerous others.


Is Zoom the Most Secure Video Conferencing Now?


As a response to attacks and the public’s reaction, Zoom introduced a 90-day strategy to deal with security concerns. What we can see on the official Zoom security website page is that they are improving software to reduce its vulnerability.


Encrypted Communication and Data Exchange


Data encryption is a technique that transforms unencrypted data, or plaintext, into an encrypted ciphertext through a special algorithmic function. Zoom has advanced its encryption techniques, and now the software uses TLS (Transport Layer Security) 1.2 with the Advanced Encryption Standard (AES) 256-bit algorithm. Users get the following protection.

  • In-meeting and in-webinar presentation content is encrypted at the application layer.
  • Chat sessions are encrypted with asymmetric and symmetric algorithms. As session keys are created with a device-unique hardware ID, unauthorized users won’t be able to tamper with session or eavesdrop.
  • The file transfer function available through in-meeting chat protects shared files with encryption.


Enhanced Passwords


Besides chat and file share encryption, Zoom has enabled meeting passwords. Now, you are required to have a password to join meetings. The company also introduced a virtual waiting room where people have to wait until they are approved. This factor prevents uninvited visitors to meetings.


Limitations in Security Measures


Although Zoom has taken several significant steps to increase security, there are several restrictions for users. Firstly, it’s possible to keep recordings either on Zoom’s cloud with the Cloud Recording option or on the host’s local device. Yet, pay attention to the fact that the Cloud Recording feature is available only in paid accounts. Secondly, you are responsible for protecting the data stored locally. It’s up to you to choose free or commercially available tools if you wish to encrypt it. 

Thirdly, two-factor authentication (2FA), which protects accounts with a two-step sign-in process, creates additional security. However, this authorization doesn’t apply to the Zoom mobile app, Desktop Client, or Zoom Rooms. Likewise, advanced security settings that comprise password and sign-in method restrictions are available only in Pro, Business, Education, or Enterprise accounts.


Summing Up


Zoom’s vulnerability has led to data leaks and unwanted people in group meetings. It’s possible to conclude that security breaches that happened to Zoom can affect any platform that has not safeguarded itself properly. 

If you have a Zoom account, it’s advisable to change the password and revise security settings. You may decide whether to continue using the program or opt for other tools. Yet, to ensure that your data is intact, you should check the security policy of the software before installing and running it. Thus, you'll consciously choose the most secure video conferencing depending on your needs. Additionally, you can select data protection solutions to ensure that your private or corporate assets get enhanced protection against data theft.

While we are waiting for further Zoom security improvements and new releases, subscribe to our blog. Stay updated and secure with MBS Techservices!

Categories

 

For your convenience, we’ve divided our blog on cyber security into several categories so that you can find necessary articles fast and effortlessly. Just choose the category that evokes your interest and enjoy reading.