Zoom is by far the most popular video conferencing service right now. From office meetings to yoga classes, people are using Zoom in different ways to stay productive and retain some normalcy in their otherwise currently restricted lives because of the Covid-19 virus outbreak.
Thanks to its ease of use and competitive pricing, Zoom has quickly risen to popularity—but that doesn’t mean it is completely safe. No app is, and therefore the onus is on you to take the necessary steps to keep yourself secure on Zoom.
How can you do that?
This post is a good starting point. We will discuss 8 tips for Zoom safety and privacy.
Protect your account
Look, here’s the thing. Your Zoom account is like any other account, and so you should apply the basic account protection here as well. Namely, make sure your password is strong and unique—a combination of letters, numbers, and special characters that is hard to guess.
Using a two-factor authentication is strongly recommended, as it adds an extra layer of protection. It can prove to be the difference between a compromised and a safe account in case your Zoom account data leaks. While so far Zoom has done a good job of keeping account data safe, things like this have happened in the past. Therefore, enabling an extra layer of protection makes a lot of sense.
Last but not the least—and this one is specific to Zoom only—protect your personal meeting ID. Once you complete registration, you will receive a Personal Meeting ID. Try not to make it public.
Since Zoom lets users create public meetings using their Personal Meeting IDs, one can easily leak it if one gets careless. If you do leak your Personal Meeting ID, anyone privy to it can join all meetings you host. Therefore, share it carefully.
Be wary of links
When you create a Zoom meeting, you can invite the participants by copying a URL generated by Zoom. However, this is hardly the safest way to invite people or enter a meeting.
Why? Glad you asked.
One of the most common tricks used by online scammers to dupe people is to send out a malicious link in an email. When the recipient clicks it, either he or she is encouraged to share their confidential information or a malware takes control of their computer and steal personal information.
When you create a meeting on Zoom, you have the option of inviting people by sending out a link which starts with https://zoom.us/ and then is followed by a string of letters and numbers.
However, there is another, much safer of inviting participants.
Instead of using the link that appears on your screen when you create a Zoom meeting, note down the meeting ID and the password. Next, list this information in an email, add a personal note to it, and then send out the email to the participants. They can use this shared information to join the meeting via the Zoom app or through Zoom official website.
Download the Zoom app from the official website
Do you know the number of malicious files using the names of other popular video conference services has grown rapidly in the last two months?
Hackers are trying to use the rapidly-growing popularity of Zoom and other similar services to their advantage by disguising malware as online videoconferencing clients.
Precisely for this reason, you should always—we repeat always—download Zoom from its official website: zoom.us. If you want the videoconferencing client for your android phone or iPhone, visit Google Play or the App Store.
Don’t share your conference links on social media
If you are organizing an online public event, you may want to use social media to share the link to it. However, that is not a good idea at all.
Ever heard of terms like Zoombombing or Zoom-bombing or Zoom raiding?
Well, they all refer to a situation when an uninvited person joins a Zoom meeting, usually with the intention of disrupting it.
Which brings us to the question: How do these people learn about upcoming events? You guessed it right—social media. Therefore, avoid publicly posting links to your Zoom meetings. In case you still want to do that, ensure you don’t turn on the option Use Personal Meeting ID.
Use a password for your every meeting
Protecting your meetings with passwords remain the most effective way to ensure only those people who have been invited can attend it. Some time back, Zoom enabled password protection by default, which is definitely a smart move. However, remember your Zoom account password and the meeting password are two different things. Furthermore, the meeting password—much like the meeting link—should not be posted on social media. Else, trolls may get a free hand to disrupt your meetings.
Enable the Waiting Room option
Waiting Room is another option that lets you control your meetings. Recently, Zoom enabled it by default, and we recommend you let it stay that way.
When this option is checked, all participants must wait in a “virtual waiting room” till the meeting host approves each one of them separately. As you may guess, this gives the host more control over who joins their meeting, even if an individual who wasn’t invited managed to somehow get hold of the meeting password. Also, the meeting host, if they want, can kick out an unwanted person from their meeting into the “virtual waiting room.”
Choose the web client as much as possible
In the absence of a reliable security advanced, the Zoom app—like other apps in the market—remains vulnerable. Precisely for this reason, more than anything else, we recommend you stick with its web client as much as possible.
The web client doesn’t enjoy the same permissions as an installed app. Given this, if it gets compromised, the harm will be much less than compared to a compromise Zoom app.
But what if it’s not possible to use the web client?
In that scenario, try installing the app on a secondary laptop or phone, that is, a device that has little personal information of yours. While this may sound a bit paranoid, it’s better to take precautions now than repent later.
Don’t believe Zoom’s end-to-end encryption claim
In addition to its impressive feature set and competitive pricing, Zoom gained popularity on account of its claim of end-to-end encryption, which means any communication between you and other person is encrypted in such a way that only you two can decipher it, not others.
Sounds impressive—but this is almost impossible to achieve, as pointed out by many security researchers. Unwillingly Zoom also acknowledged that, stating that by the other end they meant the Zoom server, not the person on the other side.
This means even though video is encrypted, it is encrypted only till the Zoom server. Therefore, Zoom employees have access to the data. Law enforcement groups may also access it. Your text chats, however, are literally encrypted end-to-end.
Self-isolation is boring. It is also be lonely at times. The good part is we have apps such as Zoom that allows us to work and do so many other things—like enjoy our daily Yoga classes—remotely. Imagine current lock-down happening before broadband or videoconferencing!
We’re thankful apps like Zoom exist. All you have got to do is use it safely, which you now know how to.