A security approach: Zoom
Many of us know the application that we will talk about today. During this time that quarantine began to be implemented as a result of the Covid-19, the Zoom video call application had a sudden success with a peak of 200 million video calls per day, thus it gained popularity as it allowed many people to feel more close and that companies and businesses will connect with their employees to develop their activities.
However, its popularity only resulted in the application being exposed to attackers willing to take advantage of the security “errors” that constitute this platform. Errors such as: credential errors, malware installation, camera and microphone hacking, Zoom bombing or unauthorized access to private meetings, sending information to third parties and other forms of monitoring, does not have end-to-end encryption in video conferences, among others.
Although Zoom has been in charge of solving some of its problems, this has already generated distrust in its users and many people have stopped using this platform to communicate, as more errors in cybersecurity continue to appear, which casts doubt on the effectiveness of your service.
In a blog post on April 1, Zoom CEO and founder Eric S. Yuan acknowledged Zoom's growing pains and promised that regular development of the platform would be suspended while the company worked to fix security and privacy issues. "We acknowledge that we have not met the privacy and security expectations of the community, and ours," Yuan wrote, explaining that Zoom had been developed for large companies with internal IT staff who could configure and run the software.
Consequently, for April 22, Zoom announced the arrival of its updated Desktop Software for Windows, Mac and Linux, version 5.0, which according to the members of this platform includes many of the security corrections necessary for it’s proper functioning and privacy.
These include the skills to eject Zoom bombers from meetings, use routing controls to make sure meetings don't pass through China, and make sure everyone waiting for a meeting is kept in a "waiting room". It also adds a security icon to the host screen and adds better encryption to Zoom meeting video streams. However, the update will not be available until Sunday, April 26.
Accordingly, Zoom “strongly recommends users to implement passwords for all their meetings to ensure that uninvited users cannot join,” the company said in a written statement shared with Brian Krebs, author of the KrebsOnSecurity.com blog, which covers computer security and cybercrime.
In this context of a pandemic, companies are more exposed to making quick decisions and must be very well informed, to protect their employees, consumers and partners. Faced with these and other challenges, they need a proactive partner who can anticipate and neutralize threats before they materialize.
This is why at Teracloud as specialists in Cloud services, we take care of helping organizations protect their information throughout the security life cycle. We apply encryption for the stored data and in the same way we take advantage of our resources and knowledge to apply them to the different needs of each business, generating trust and development in our clients.
If you want to know more about our services, email to our team member firstname.lastname@example.org.