By Sharyn Fitzpatrick at Marcom Gurus
When virtual communication platforms like Zoom were developed, they probably didn’t think of how to safely use their platforms during a pandemic. Because of Zoom’s growing popularity with all of us, they have opened themselves up to intense scrutiny about privacy from the FBI and state Attorney Generals. Welcome to “Zoombombing,” where an uninvited attendee crashes your meeting and disrupts from its intended purpose.
Now, this is a PR nightmare for Zoom because a few bad actors bombed
classes and business meetings, and they showcased the app’s privacy and
security vulnerabilities. One of the features they are being criticized
for is the built-in attention-tracking features. As a self-professed
“Webinerd,” I love this feature because it enables us to analyze the
effectiveness of our events, the speakers, and the content. But that is a
double-edged sword, and I can understand why it raises privacy issues.
Zoom understands how important safety and privacy are to their users
and have been responsive in addressing these vulnerabilities. This past
week, they introduced important security tools to help eliminate these
issues. First, they removed the meeting ID number from the live meeting
screen. Second, they have added a new “security” toolbar icon
for meeting hosts, which enables them to control the level of security
and privacy for their meetings. This is only visible to the host and
co-host of a meeting and cannot be changed by an attendee or Zoombomber.
It requires hosts to be smart about how to hold their meetings and to
utilize these features to enable security.
Now, they have an all-inclusive dashboard where they can respond quickly to:
- Lock the meeting, deter Zoombombers and require an attendee to enter a password to participate
- Enable the Waiting Room option so you can approve who will enter the meeting
- Remove Participants that are not appropriate or disruptive
- Restrict
what Participants can do in your meeting. This includes their ability
to share screens, annotate on the content presented, chat with others in
the meeting, and/ or rename themselves. - Restrict meeting participants by domain
The Zoom team has also taken the extra precaution to update several features for specific account types:
- Waiting Rooms – this feature is now on by default for free Basic
and single licensed Pro accounts, as well as education accounts
enrolled in their K-12 program. It is a great option to control who can
access your meeting and assuage the security fears of your attendees. - Passwords
– meeting passwords are on by default for free Basic and single
licensed Pro accounts, and for education, accounts enrolled in their
K-12 program. - Domain Contacts – for free Basic and single
licensed Pro accounts with unmanaged domains, contacts in the same
domain will no longer be visible. They’ve also removed the option to
auto-populate your Contacts list with users from the same domain. you
can add them as External Contacts. - Renaming participants –
account admins and hosts can now disable the ability for participants to
rename themselves (for every meeting) at the account, group, and user
level in the web portal.
Zoom is being proactive about security. They released a 90-Day Security Plan focused on strengthening privacy and security for Zoom users. This includes a complete security review of the Zoom platform with Stanford professor and cybersecurity expert, Alex Stamos.
In a recent post on Medium.com, he said,
“As someone who has walked through the galaxy of blinking lights and the deafening whir of tens of thousands of servers carrying the sessions of millions of users, I appreciate the effort it takes to build a product that scales. To successfully scale a video-heavy platform to such a size, with no appreciable downtime and in the space of weeks, is literally unprecedented in the history of the Internet. It has been clear to many people who have worked on production-scale systems that something special has been happening at Zoom, and the related security challenges are fascinating.”
This makes him the perfect person to kick the tires and show Zoom where they are vulnerable and want changes they need to make.
Privacy and security on the Zoom platform will continue to evolve and
change – this is a continuous process beyond the 90 days and this
pandemic that they are committed to doing. This focus on security will
hopefully alleviate the fears that participants have about how safe it
is to participate in a Zoom meeting. It is a great platform, effective,
and provides lots of opportunities for us to connect in our pandemic
world.
