Security implications of Zoom and House Party Apps
Zoom
The UK Government used zoom for their cabinet meeting, so did the NZ Government. The GCSB has told our Government it is safe to use for non-confidential chat. Our tips : -
- If you are having a confidential meeting, then put a password on the meeting.
- Zoom is not set to record the meeting by default, but if you change this setting, make sure you inform everyone that the meeting is being recorded.
- If you record the meeting, then password protect it and use a unique name when saving it.
- Take great care about where you save your recorded meetings. (e.g. not on a shared or open/free server in the cloud) as names, addresses and other confidential information could be accessed.
- It is possible to increase the security on zoom but you'll need IT assistance for this.
Information and advice changes daily in IT circles so if all of a sudden someone posted the transcript of a cabinet meeting online, then it goes without saying that the government wouldn't use zoom again! One of the reasons why it would be hacked would be if someone (like Boris Johnston did) posted the meeting ID on twitter, so the whole world would know the id of the meeting to join!
As always, everyone blames the technology but in our experience a lot of the time it is the end user that is the weakest link due to lack of knowledge, doing something silly or simply not having the adequate training on how to use the technology correctly. Advice on IT security is also heavily opinionated with IT companies trying to use situations to their advantage to sell alternative products.
Our opinion : As our prime minister said, there is absolutely nothing wrong with zoom for chat and they will continue to use it until otherwise advised by the GCSB. So continue to use it for chat and if you are concerned about the meeting being hacked (known as zoom bombing), putting a password on your zoom meeting is a good start.
If you have doubts or concerns about Zoom and would like to understand how to set up the encryption from zoom end point to zoome end point, along with other best practices such as screen sharing controls, we can assist. Just like other companies, we are also able to help set up and configure alternatives such as Microsoft Teams, GoTo Meetings, or any other conferencing solution and give advice on this. We are currently assisting the medical industry and they as a whole have decided to use Doxy. So everyone is different and there are different solutions to suit everyone's needs.
House Party App
Rumours circulated that this had been hacked and that by installing this app all your contacts and details would be compromised, etc etc This then led to millions uninstalling it. However, this rumour turned out to be false but in the meantime, the damage has been done! House Party app have issued a $1 million dollar reward to anyone that can prove that their app can be hacked and used for malicious purposes. Apparently the rumour was started by their competition! So as you can see, there is a lot of true and misinformation around.