As millions of Americans explore ways to work remotely while maintaining efficiency, video conferencing has become more important than ever before. But which application is right for your company?
One of the leading video conferencing platforms, Zoom, has seen an astonishing growth from 10 million daily users in December to an estimated 200 million in March. But the increase in users has exposed many significant security concerns.
Security and Privacy Issues
For one, hackers could use Zoom’s chat feature to steal login credentials. Zoom’s chat converts URLs into hyperlinks and that feature could be used maliciously on Windows networking UNC paths by turning them into a clickable link that reveals login information.
Another security flaw, if exploited, could grant control of a Zoom user’s webcam and microphone. With so many users conducting personal and professional business at home, this bug could result not only in serious embarrassment but also with corporate liability.
Zoom’s security infrastructure itself is lacking, according to many experts. Zoom utilizes Transport Layer Security (TLS) protocol, rather than end-to-end encryption. Although TLS protects data from being shared with outside parties, the information isn’t hidden from Zoom itself. If Zoom’s network is ever compromised, your corporate data could be exposed, too.
Zoombombing: More than a Minor Disruption
“Zoombombing” is a new form of online harassment that has been making national headlines. Pranksters gain unauthorized entry into an ongoing Zoom session by guessing the URL or conference ID. Once they have access, their goal is to disrupt the meeting with profanity, racial slurs, and/or adult content.
If your organization is committed to using Zoom, there are several ways to minimize your risk of experiencing a zoombombing attack. Always require a meeting password. Create a unique ID for your conference and don’t share it publicly. And perhaps most importantly, each meeting host should familiarize themselves with how to put disruptive users on hold and disable their camera feed.
A Strong Alternative: Microsoft Teams
While no application is perfect, we recommend that you consider a more established alternative like Microsoft Teams.
Microsoft recently highlighted the security and privacy features of Teams, (in part to contrast with the negative press that Zoom has received). For example, Teams allows more control over who can join your meeting and who should wait to be let in. Meeting organizers also have the capability to remove participants during the meeting and designate who can and cannot present content. And to further combat inappropriate content, Teams includes a truly groundbreaking feature: real-time virtual moderation, backed by artificial intelligence.
In addition, Microsoft requires Multifactor Authentication, making identity validation straightforward.
And in terms of data security, all meeting data (video, audio, and desktop sharing) is encrypted in transit and at rest using Secure Real-time Transport Protocol (SRTP).
With many organizations scrambling to select software and train employees, there’s a clear need for guidance. TCG Network Services is a telework support partner you can trust for honest technology advice. Contact Boston’s IT Services Provider for more information!