With businesses rushing to use videoconferencing systems so employees can continue doing their work, the issue of data and information security has moved to the fore—and with good reason. First, users of videoconferencing platform Zoom have had to scramble to improve their understanding of how to control the conference-administrator settings after mischief-makers were finding unsecure business videoconferences and taking control of the screen to show violent or pornographic images—a tactic known as “Zoombombing.” Here’s Cnet’s four-step process for increasing privacy on Zoom.
As if that wasn’t bad enough, a recent report from Time.com found that spies from China, Russia, and elsewhere are trying to break into corporate, association, academic, and government meetings held via Zoom and other video-meeting platforms that use the public internet. But rather than openly disrupt videoconferences, the perpetrators are monitoring conversations in order to steal information that can be used for profit by other organizations.
One thing that caused confusion among users was Zoom’s initial claim that its platform provides “end-to-end encryption” for all conversations. In early April, Oded Gal, the chief product officer for Zoom Video, clarified in a blog that encryption was in fact absent from some online messaging tools used in Zoom. “While we never intended to deceive any of our customers, we recognize that there is a discrepancy between the commonly accepted definition of end-to-end encryption and how we were using it,” Gal wrote
That’s just one more reason why coordinators of virtual events should engage IT-security personnel during the planning and testing of videoconference platforms.