KOCHI: As security concerns are looming over the use of conferencing app Zoom while working from home, cyber experts suggest that its responsible use can negate data leak threat to a great extent. Experts point out that Zoom accounts are vulnerable when personal IDs and contents are shared through other social media platforms.
Recently, the Government of India had also cautioned about security issues related to the use of Zoom.
The matter was taken up after there were reports of accounts being hacked. Nandakishore Hari, CEO of Technisanct, a cybersecurity research agency, said some of the security breaches took place due to mismanagement of credentials by the users.
CLICK HERE FOR COVID-19 LIVE UPDATES
“By cautiously handling such apps, data breach can be negated to a certain extent. Zoom is meant for private meetings but several people use it for webcasting as well. Similarly, when Zoom became popular during the lockdown, several users were found posting Zoom meeting IDs and passwords through Facebook and Twitter. Such acts make the account vulnerable to cyber attacks and hacks,” he said.
The users are advised not to use their personal meeting ID for conferencing. Instead, they should use new meeting IDs for each conference which can be generated randomly for a new meeting.
Similarly, the meeting should be locked once it commences so that no other person can log in even if the meeting credentials are shared by any participant. Enabling the waiting room facility can help hosts and co-hosts to ensure their participation. Do not receive any files from participants during the call using the file-sharing facility.
ALSO READ: 60 children 'horrified' as hacker streams sex abuse video during Zoom call
Also, disable screen sharing and mute all the participants at the beginning. Similarly, update the app regularly to ensure new safety features prevent data breaches. An official with Kerala Police’s Cyberdome in Thiruvananthapuram said that there are concerns regarding the encryption in Zoom.
“There were reports that primary security concern about Zoom is that it lacks end-to-end encryption. It used web-based encryption and did not have device-based encryption. Zoom authorities have agreed to address the issue after several agencies raised concern about the app. Zoom had admitted that during the surge of traffic, it routed some of the calls through Chinese servers. They admitted the mistake and promised to rectify it. Some cyber agencies have raised concerns about Zoom since 2017,” he said.