Zoom video conferencing has been making headlines in the media as a great tool to connect individuals while also being targeted for a lack of security and vulnerabilities.  While we have been using Zoom for more than a year at SolutionWorx, the platform’s use has gone from about 10 million daily meeting participants in December to 200 million daily meeting participants in March. There is no doubt that they are a much larger target (and attack surface) today than they were just last year.

Zoom Logo

However, when we dig down on the recent news of security issues with Zoom they pretty much fall into three areas:

  1. Public Meetings
    Using unprotected public meetings – the big news was “zWarDial” a tool that finds random public meeting IDs and tries to join them. The key to prevent this issue is to use a password on your zoom meetings. By default now, Zoom automatically adds a password to new meetings. The hacking tools only work for meetings without a password.
  2. Malicious Code Via Chat Services
    There are some concerns about people being able to deliver malicious code via chat. This goes to knowing and inviting your attendees. We believe that this is low risk for our clients, but goes to basic cyber-hygiene – if you are not sure, don’t click it.
  3. Privacy/end to end encryption
    Zoom’s encryption is from Zoom to end users, not end user to end user through Zoom’s infrastructure. We believe that this is not a significant risk for general business (or personal) users.
video conferencing

Eric Yuan, the Founder and CEO of Zoom, has responded to this news in a promising way. He stated that Zoom will focus on security rather than new features over the next 90 days. This is a good thing and can only make the product more secure in the future. His full statement can be found in his blog post.

The result is that we believe that for most business (and personal) purposes, Zoom represents a great choice. We do not recommend moving to a different platform at this time. Though you should keep y