10 Tips to Consider If You Must Work in Zoom
Many are left trying to figure out what platforms to use as they move to virtual verses physical meetings continue to increase during the global pandemic. Whether it is a meeting, webinar, or other, the choices are many, but two well-known platforms stand among the masses. Those two are Microsoft Teams and Zoom. Our suggestion is Microsoft Teams; however, we realize due to ease and convenience many utilize the Zoom. So, here are a few things to keep in mind when jumping into a Zoom Room.
Microsoft Teams
Microsoft Teams is much more secure and offers the same functionality as Zoom along with many additional features. If your workplace uses Office 365, you already have access to Microsoft Teams -- a platform for chat, video conferencing, and audio calls. The workplace communication hub integrates with Microsoft Word, Excel, PowerPoint, and other Office apps for seamless presenting and file sharing. You can talk to team members privately or in specific channels, and you can call attention to the whole group or just an individual with the mention feature.
You can video chat with up to 250 people at once with Teams, or present live to up to 10,000 people. Share meeting agendas before a conference, invite external guests to join a meeting, plus access past meeting recordings and notes. Meetings can be scheduled in the Teams app or through Outlook.
ZOOM for Government
Zoom for Government is still an option for DOD videoconferencing, according to the VOA report and Carver in Military.com. Zoom for Government is a paid tier service, hosted in a separate cloud authorized by the Federal Risk and Authorization Management Program. Seven government agencies, including three Cabinet-level departments, the Centers for Disease Control and Prevention and Customs and Border Protection are listed as users on the program website if your organization must use Zoom for meetings it is recommended that you follow the below best practices
- Protect Your Account
A Zoom account is just another account. In setting yours up, you should apply the following basics methods of account protection.
- Use a strong and unique password
- Protect your account with two-factor authentication, which makes your account harder to hack and keeps it better protected.
- In addition to your login and password, you get a Personal Meeting ID (PMI) after you register. Avoid making it public. Zoom offers an option to create public meetings with your Personal Meeting ID, it’s quite easy to leak that ID. If you do, anyone who knows your PMI can join any meeting you host, so share this information prudently.
- Use Your Work E-mail to Register with Zoom
A weird glitch in Zoom (which at the time of this writing wasn’t yet fixed) causes the service to consider e-mails of the same domain as belonging to one company. This is done unless the domain is widely common such as @gmail.com or @yahoo.com. As a result, it shares individual contact details with each member of that group. This occurred to users who registered Zoom accounts using e-mails ending with @yandex.kz, which is a public e-mail service in Kazakhstan. It could occur with e-mail addresses belonging to smaller public e-mail providers.
So, to register with Zoom, it is advised that you utilize your work e-mail. Sharing your work contact details with your real colleagues should not be too troubling. If you don’t have a work e-mail, use a burner account with a well-known public domain to keep your personal contact details private.
- Don’t Fall for Fake Zoom Apps
As Kaspersky security researcher Denis Parinov discovered, this March the number of malicious files incorporating the names of popular video conference services (Webex, GoToMeeting, Zoom, and others) in their filenames had roughly tripled in comparison with the numbers he found month by month over the previous year. That most likely means malefactors are ramping up their abuse based on the popularity of Zoom and other apps of its kind, trying to disguise malware as videoconference clients.
Don’t fall for it! Use Zoom’s official website — zoom.us — to download Zoom safely for Mac and PC, and go to the App Store or Google Play for your mobile devices.
- Don’t Use Social Media to Share Conference Links
Sometimes you want to host public events, and in many places, online events are the only type of public events available these days. As a result, platforms such as Zoom are attracting more and more people. However, even if your event is truly open to everyone, you should avoid sharing the link on social media.
If you knew anything about Zoom before reading this post, you’ve probably heard about the so-called Zoombombing. It’s a term Techcrunch journalist Josh Constine coined to describe trolls disrupting Zoom meetings with offensive content. Right now, several chats on Discord and threads on 4Chan (both popular with trolls) are discussing targets for their next raids. Where do the trolls get information about upcoming events? That’s right, they find them on social media. So, avoid publicly posting links to Zoom meetings. If for some reason you still want to, make sure you don’t enable the Use Personal Meeting ID option.
- Protect Every Meeting with a Password
Setting up a password for your meeting remains the best means of ensuring that only the people you want in your meeting can attend it. Recently Zoom turned password protection on by default — a good move. That said, don’t confuse the meeting password with your Zoom account password. Just as meeting links, meeting passwords should never appear on social media or other public channels, or your efforts to protect your call from trolls will be in vain.
- Enable Waiting Room
Another setting that gives you more control over the meeting is the option to utilize a Waiting Room, which was also recently enabled by default. The function makes participants wait in a virtual “waiting room” until the host approves each one. That gives you the ability to control who joins your meeting, even if someone who wasn’t supposed to participate somehow got the password for it. In addition to that, it lets you kick an unwanted person out of the meeting and into the waiting room. We recommend leaving this box checked as active.
- Pay Attention to Screen-Sharing Features
Most videoconferencing apps offer screen-sharing, enabling one participant to show their screen to the others. Zoom is no exception. Some settings worth keeping an eye on when activating this function include:
- Determining whether you may need to limit the screen-sharing ability to the host or extend it to everyone on the call. If you don’t need other people to show their screens, be sure to limit this capability so others will not have the option to jump in while you are sharing.
- Letting multiple participants share screens simultaneously. If you can’t immediately see why your meetings would need this capability, you’ll probably never need it; just keep it in mind in case you ever need to enable it.
- Stick with the Web Client If Possible
Numerous Zoom client apps have demonstrated a variety of flaws. Some versions let hackers access the device’s camera and microphone; others let websites add users to calls without their consent. Zoom was quick to fix the aforementioned problems, as well as other similar ones. To enhance security, it also stopped sharing user data with Facebook and LinkedIn. However, given the absence of a proper security assessment, Zoom apps likely remain vulnerable, and may still employ questionable practices such as sharing data with third-party entities.
For this reason, we recommend using Zoom’s Web interface instead of installing the app on your device, if possible. The Web version sits in a sandbox in the browser and doesn’t have the permissions an installed app has, limiting the amount of harm it can potentially cause. In some cases, however, even if you want to use the Web interface, you may find that Zoom has gone ahead and downloaded the installer, and there’s just no other option to connect to the meeting but to install the client. In that case, you can at least limit the number of devices on which Zoom is installed to just one. Let it be your secondary smartphone or, possibly a spare laptop. Choose a device with next to no personal information. We know that sounds somewhat paranoid but better safe than sorry.
By the way, if your company already uses Skype for Business (previously known as Lync), then you have another option. Skype for Business is compatible with Zoom and can handle Zoom conference calls just as well — without the aforementioned flaws.
- Don’t Believe in Zoom’s Advertised End-to-End Encryption
Zoom gained its market share not only for its prices and feature set but also because it touted the product’s end-to-end encryption. With end-to-end encryption, all communications between you and the people you’re calling are encrypted in a way that only you and the people on the call can decrypt them. All other parties, including the service providers, cannot. This may sound cool, but it’s next to impossible, as security researchers have pointed out.
Zoom had to acknowledge that, in its case, the other end means the Zoom server. This means the video is encrypted, but Zoom employees, and potentially law enforcement agencies, have access. Though, the text in chats seems to be encrypted end-to-end. The encryption fudging is not necessarily a reason to abandon Zoom for good as other popular video conference services lack end-to-end encryption as well. But you should keep it in mind and avoid discussing personal or trade secrets on Zoom.
- Think About What People Can See or Hear
This one applies to every video conferencing service, not just Zoom. Before you jump on the call, take a moment to consider what people will see or hear when you join the call. Even if you’re home alone, they may expect you to be fully dressed. Basic grooming is probably a good idea.
The same holds true for your screen if you plan on sharing it. Close any windows you’d rather others not see, whether it’s a surprise gift you’re buying online for another person on the Zoom call or a job search your boss doesn’t need to know about. We’ll leave other examples to your imagination.
For more information on how to keep your information secure while working online sign up to receive the “Security Tip of the Week.”
Sources
Leave A Comment