By Adam Tseng
Zoom video conferencing. That’s a phrase you must have heard many times over recently. Maybe you have used it for school, or maybe just for talking to family and friends. The ability to have high-quality, real-time video chats with more than ten different people at once and share high definition video and screens with others is making Zoom a hit during the COVID-19 pandemic. In fact, the number of people using Zoom now is twenty times what it was last year. Everyone’s using it!
One can only imagine how surprised and pleased the Zoom company is to have so many new customers. However, the app has never been designed to accommodate so many users, and there are some issues with its security. Here are some things to watch out for.
Be mindful of what email you use to sign up
When Zoom was created, it was meant to be for corporations. It was never intended for the general public, and this is reflected in its user management system. Zoom’s Company Directory option groups users with the same email domain together - as if they all work in a company together. What do I mean by domain? It’s everything that comes after the @ sign in your email. In other words, if your account email is firstname.lastname@example.org, and some other random person’s account email happens to have the same ‘business.com’ address following the @ sign (for example, email@example.com), you two will appear on each other’s contacts list along with your emails, names, and status. Since the companies Zoom originally serviced never used large email providers like Google or Yahoo, people with those email domains (@gmail.com, @yahoo.com) are unaffected. But for the rest of the email domains, all bets are off. Therefore, it is important to be careful about what email you are using to sign up for Zoom.
Make sure your meeting is safe
Once you’ve created a Zoom account, take a look around and get familiar with it. If you click the “Meetings” tab, you may notice that you have a Personal Meeting ID, or PMI for short. That ID is important: it’s a shortcut right into any Zoom meeting that you are hosting. It may be fine to share with your family and close friends, but putting it out on Twitter or any other social media website is a bad idea. Moreover, those who do manage to hijack zoom meetings can make it even worse by “zoombombing,” sharing their screens with everyone to deliberately interrupt the meeting. Fortunately, there are a number of ways to prevent this. As a meeting host, you can change the settings so that only you can share your screen. If you schedule your meeting to a specific time, you can also add a special password to the meeting to make it even harder to hijack. Once everyone you wish to be in your hosted meeting is in, you can click on the “participants” tab in the taskbar down below, click “more,” and lock the meeting. This bars anyone else, including “zoom bombers” from jumping in and interrupting the meeting. Should a random person accidentally slip into the meeting, you can find them in the participants tab and click “remove” next to their name, which kicks them out of the meeting. This can also be reversed in the Settings tab in case you made a mistake.
Above and below: how to control who can share their screen in a meeting
Zoom sessions are not always completely encrypted
When you use WhatsApp or iMessage from Apple, your messages go through end-to-end encryption. This means that messages and videos sent from both users are encoded before they are sent to the recipient. This prevents any other outside party or user to listen in on your conversation. However, with Zoom, the meetings may not always be encrypted from end to end. This means that, while those meetings are still heavily protected from outside parties who may try to listen in on meetings by being on the same Wi-fi network, it allows the Zoom company to access the meeting. Thus, recordings of the meeting can be retrieved for use in legal proceedings. In order to prevent this, you should make sure that everyone on the Zoom call is meeting through the Zoom app, as within the app itself, everything is completely encrypted end to end. The real issue arises when people join via telephone or other apps like Skype. The company’s encryption, or encoding software does not extend past the Zoom app, so joining from an outside source can compromise the security of the call.
Watch for updates and learn more on your own!
The most important thing to keep in mind about using video conferencing apps like Zoom is that they can change, and boy is Zoom changing. The company recently became aware of all its security issues, and developers are currently focusing all efforts on increasing the security of the app. Everything said in this article may become obsolete in a few months as new security features and account fixes appear. It is important to make sure your Zoom account is updated to the latest version. You should also understand the many features available in both Zoom meetings and the app itself. Online blogs and other tech websites can be very helpful, as they offer plenty of other safety tips that aren’t covered here.
Horaczek, Stan. “Check These Privacy and Security Settings before Your next Zoom Video Chat.” Popular Science, Popular Science, 2 Apr. 2020, www.popsci.com/story/technology/zoom-video-chat-privacy-security-tips/.
“How to Prevent Zoom-Bombing.” PCMAG, www.pcmag.com/how-to/how-to-prevent-zoom-bombing.
Lee, Micah, and Yael Grauer. “Zoom Meetings Aren't End-to-End Encrypted, Despite Misleading Marketing.” The Intercept, 31 Mar. 2020, theintercept.com/2020/03/31/zoom-meeting-encryption/.
Newman, Lily Hay. “So Wait, How Encrypted Are Zoom Meetings Really?” Wired, Conde Nast, www.wired.com/story/zoom-security-encryption/.