In light of the current lockdown situation, many people all over the country have been turning to video conferencing platforms to replace face to face communications.
The most popular platform right now is called Zoom and there have been a lot of articles published in the last couple of weeks attacking the integrity of their platform. There are also reports that Zoom meetings are being “hacked”, and that their software is being used to distributed Malware. However, I’m not concerned and here are the reasons why:
1.) As an IT guy I know that functionality almost always proceeds security when a product is being developed. Zoom has gone from about 10M users to about 200M users in just a matter of weeks. Trust me, that will expose issues in any platform, and I’m actually very, very impressed that we haven’t crashed their system yet. From what I have read, there are some technical glitches and flaws in the software, but I also understand that the company is working hard to get those fixed.
2.) Secondly, I couldn’t find any evidence that suggests that anyone’s meetings had actually been “hacked” into. Instead they had an open invitation to the meeting and took advantage of it. It seems that some people are thinking about these meetings the same way they would any other public meeting. People who would show pornography to children, or make racial slurs, etc. would typically never do that in person because they can easily be identified and arrested. However, when they can hide behind a computer, even seemingly kind and upstanding people, can sometimes lose their inhibitions and say or do things that they shouldn’t. For that reason, you cannot publish a meeting invitation to the entire world by posting on your Facebook public page, or web site, and expect that only your intended recipients will join. Zoom has some built in features to control access to your meetings and we’ll talk about those in a few but my point is that the “hacking” accusations appear to be due to user error, or not using the security features the platform provides.
3.) Another article essentially says that Zoom is distributing malware. What is actually happening is that hackers are taking advantage of the fact that Zoom has become so popular all of the sudden, and releasing hacked versions of the Zoom installer that has malware bundled with it. The way to avoid getting malware this way, is the same way you should avoid installing malware all the time, which is to make sure that you are only downloading and installing software from a trusted source, in this case that would be Zoom.com. If you get a meeting request, make sure that the meeting request is taking you to zoom.com, where that is the last part of the URL before the last TLD. For example: zoom.com.meetingplace21.com, is not a reputable source.
4.) Finally, there is no replacement for Face to face communications. Much of our language and expression depends on facial expressions, body movements, and tone of voice. The lack of face to face communication will produce greater feelings of isolation, more misunderstandings, weaken resolves, and decreased motivation. Zoom or other video conferencing platforms can help reduce those symptoms tremendously. So the forth reason I’m not concerned is that the benefits are simply too great to allow the minor flaws in the platform, or the occasional user errors to persuade me not to utilize this tool.
So now let’s talk about what you should be doing to make using Zoom as secure as possible.
1.) As I mentioned before, only download and install the software from zoom.com, or from a legitimate Zoom meeting request. If you download and install the software from any other source, it is highly likely you will be infected with Malware. This however is not Zoom’s fault. You should be using this guideline for any software that you install, and almost every other popular software has counterfeit installers out there on the Internet as well.
2.) Never publish your meeting invitation on public web sites or Facebook pages. You can use Facebook private groups, a registration system, or an email list to make sure that only those users you want to join the meeting have access to the invitation.
3.) Use the built in security features in Zoom. You can require a password to join the meeting, which you would include in the meeting invitation. The user has to have the password in order to join so even if a meeting ID was “guessed”, only those who have the password can actually get in. We also highly recommend using the “waiting room”, where users go when they attempt to join a meeting. At that point, the meeting organizer must approve the user before they can actually enter the meeting.
If you do those things listed about, I believe you will be able to safely use this valuable tool to help get you through this season. Who knows, you may find that you continue to take advantage of these technologies long after the lockdown is over and we all go back to work. Which I believe is going to start happening very soon.
Wish you all the best! Stay safe out there and I’ll see you soon!