Zoom Security Risks and How to Prevent Them

May 25th, 2020
Zoom Security Risks and How to Prevent Them


COVID-19 has thrust many companies and employees into remote work – many of whom are now relying on video conferencing tools, like Zoom, to maintain their productivity. In three short months, Zoom’s user base has increased from 10 million users to over 200 million. With this rapid growth, Zoom has had its share of security issues – particularly in the last few months. If your company has been relying on this platform to bridge the gap during remote work, it’s important to be aware of the security risks associated with it.

Zoom Security Issues

With the massive influx of users, it makes sense that Zoom has become a target for online hackers. Here are some of the most common security threats for Zoom users right now:

  • Zoom Bombing” – Calls that are not password protected are easily hacked by anyone who inputs the meeting code, which is easier to guess than you may think.
  • No End-to-End Encryption – While Zoom claims that all calls made on their platform can be encrypted, they don’t use the standard kind of encryption for private communication platforms that ensures only the recipient of the message and the person who sent it has access. With this endto-end encryption, not even the application or its employees has access. Zoom, however, uses a different type of encryption that shares the encryption key with Zoom callers globally, which potentially grants them full access to audio and video.
  • Unsecure Data – Zoom recently updated its iPhone and iPad apps to stop Facebook from collecting its users’ data, meaning they potentially share data with other parties.

How to Stay Safe

Opting for a different video conference tool is the most effective way to protect yourself. We recommend Microsoft Teams, which offers much more security and comes as part of your Office 365 subscription; there is also a free version available.

If you do continue to use Zoom, we recommend the following:

  • Turn on the Waiting Room Feature – This allows you to individually admit each of your meeting’s attendees and also allows you to remove participants from the meeting and block their return.
  • Don’t Use Personal Meeting IDs for Public Meetings – While you have the option to customize your meeting ID, it’s recommended that you use the randomly generated IDs because it ensures that only invited individuals will know how to join the meeting.
  • Require a Password – Requiring a password for all attendees adds an extra layer of security to your meeting because only those with the password can gain access to the meeting.
  • Use the Security Menu – During the meeting, take a look at the security menu. In this menu, you can lock your meeting, manage participants, and set up a waiting room.
  • Choose a Trusted Co-Host – All the features listed above are only available to the host of the meeting. If you need help managing the meeting participants – like muting microphones, disabling private chats, or turning off screen-sharing – we recommend choosing a trustworthy individual to designate as co-host. This individual will have the same privileges as you, the host.
  • Remove Participants – As a last resort, you can easily remove unwanted guests from your meeting at any point. You can also edit your settings so that guests may not rejoin the meeting once removed.

Have more questions about staying safe on Zoom or making the switch to Office 365 and Microsoft Teams? We’re happy to help.