The COVID-19 pandemic has had a huge impact on the economy, and forced many employees to work remotely. For more than 200 million people, that meant using Zoom for virtual meetings everyday. An incredible increase from just 10 million daily users just last December. But for hackers and bad actors, that also meant an opportunity to exploit a platform that wasn't prepared for the rapid growth and users utilizing it in new use cases that wasn't considered.
UPDATE: In April 2020, in connection with the COVID-19 pandemic, the Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) announced the Notification of Enforcement Discretion, which allows healthcare providers to use widely available communication apps, such as [name of the app], for telehealth services without the risk of incurring HIPAA fines. For more information, check out this recent Paubox blog post.
SEE ALSO: Zoom HIPAA Compliance: The Ultimate Guide
The security incidents ranged from juvenile " Zoom bombing," to thousands of video call recordings being open and unprotected on the internet, to zero-day vulnerabilities. If it all sounds scary, it should be. But that doesn't mean Zoom can't be used securely. In this post, we'll cover some best practices to make sure your Zoom meetings are secured.
Like all popular software applications, Zoom is constantly under attack by hackers looking for exploits. This is no different than the challenges faced by Apple, Google, and Microsoft. To Zoom's credit, they have moved fast to patch vulnerabilities as they've come up.
SEE RELATED: Is Zoom HIPAA Compliant?
That's why it is extremely important to install updates when you see a notification, and not put it off. The updates aren't always just minor performance tweaks, but often contain urgent security updates. Many of the original concerns around privacy were fixed in recent patches. Also, many of the issues people were having with Zoom arose from users not knowing how to change settings to enable many security features. But a recent patch enabled many security features to be set active by default, like meeting passwords, and also made finding security options easier.
Most of these settings can be accessed from the new Security Icon available to hosts when you've started a meeting.
Zoom now sets all new meetings to "private" by default, but it is possible to make the meetings public, which some users do in order to make it easier for participants to join. But by now, it's abundantly clear that the minor inconvenience of entering a password is well worth it.
You can think of giving out your personal meeting ID like giving out your home address. Not something you'd likely be willing to give out unless it's to a trusted individual. Every registered Zoom user has a personal meeting ID, and that's basically one continuous Zoom meeting that anyone can join at anytime. You'll want to use this only for internal meetings at most, but never use it for public or external meetings.
In it's latest patch, Zoom announced the Waiting Room feature is now on by default for free Basic and single licensed Pro accounts, as well as education accounts enrolled in our K-12 program. That means for many organizations, this is not enabled. But you'll want this on to see who is attempting to join a meeting before allowing them access. You can enable the Waiting Room in your Account Settings, or after you start a meeting via the Security Icon.
To make sure you have control of your meeting even before it starts, you'll want to make sure "Join Before Host" is disabled. Like the name says, it prevents participants from jumping on early and possibly sidetracking your meeting. This should be disabled by default, but just in case you'll want to double check in your Settings.
Although this is a key part of moderating your meetings, this setting is important enough to be listed on its own. One way to be sure that no undesirable content is shared with your meeting participants is simply to make sure no one else can share their screen unless allowed to by the host. You can set this from the Security Icon in your meeting.
Zoom recently published a blog post that features a full list of in-meeting settings that can help you keep control of your meetings.
Like other popular applications, with popularity comes both good and bad attention. But following the steps in this post can help make sure your Zoom experience is as secure as possible.