top of page

A more secure (and private) Zoom

Updated: Nov 23, 2022

The video-conferencing app maker is addressing security and privacy concerns. There are steps you can take, too.

Zoom video conferencing meeting featuring user faces on a laptop screen
Zoom is working to address security vulnerabilities and privacy risks.

Security and privacy concerns about video-conferencing app Zoom have surged as quickly as use of the app itself. Its ease of use and low price tag held strong appeal for businesses scrambling to facilitate staff working from home as a social distancing measure while the COVID-19 pandemic took hold. As a result, the number of daily Zoom users skyrocketed from 10 million in December 2019 to 200 million in March 2020. That sudden widespread adoption among home users revealed multiple vulnerabilities in the app, which was originally built for the corporate world.

Criticism over the past several weeks has pointed to flaws on several fronts. Zoom's privacy policy allowed user information to be shared with Facebook and other third-party services. Insufficient encryption standards increased the likelihood that sensitive information communicated during a video meeting could be accessed by someone who shouldn't. Lax security meant that conferences could be hijacked and disrupted by users who guessed the URL or meeting ID of a public Zoom session ("Zoom bombing"). In recent days, the company has committed to prioritizing security fixes over feature development. To combat Zoom bombing, "waiting rooms" and password requirements are now on by default setting for all new or previously scheduled meetings for Zoom Basic tier and single-license Pro tier users. A password requirement adds another step - and layer of difficulty - to using Zoom, but it's an inconvenience that most anyone active on the internet long ago accepted as routine. The virtual "waiting room" feature means that a user can't join a video conference until the meeting host lets them in.

Follow these guidelines to boost defenses against unwelcome access to Zoom meetings:

Also consider taking these additional measures:

  • Limit screen-sharing permissions to the meeting host.

  • Disable file-transfer

  • Disable private chats.

  • Disable annotations.

  • Restrict custom backgrounds.

Above all, "Control your own privacy as you do with all online tools," as Check Point cybersecurity expert Mark Ostrowski said in a recent Forbes article. "Assume what happens in Zoom does not stay in Zoom.”


Commenting has been turned off.
bottom of page