Blog | Holm Security

Secure Your Video Conference: 6 Essential Tips

Written by Jan Willem Plokkaar | Apr 16, 2020 8:14:00 AM


So far it can be said that the Zoom team has reacted very quickly to the criticism and discoveries. As with other services, such updates will not resolve every complaint immediately, but several challenges are well worth reviewing and implementing where possible. In this blog, I come with a number of tips to apply improvements yourself.

Protect Your Account

A Zoom account works just like any other account you use. So here too the basic principles of account protection apply. Use a strong and unique password and protect your account with two-factor authentication, making the account more difficult to hack.

Another notable Zoom setting: after you register, in addition to a personal login and password, you get a Personal Meeting ID. Do not make it public. It is made very easy for us to leak these personal Meeting IDs via social media, for example. So be careful with the use of public meetings and the combination with your Personal Meeting ID.

Use Your Business Email for a Zoom Registration

A strange bug with Zoom (which was not resolved at the time of writing) is causing the service to link email addresses from the same domain. A type of service can be compared to LinkedIn ("People you may know"). Very useful when it comes to well-known organizations, but inconvenient when it comes to public email providers. This has happened, for example, to users who have registered a Zoom account with the domain name "yandex.kz", a public email service in Kazakhstan. It is not excluded that this can also happen with domain names belonging to smaller public e-mail providers.

Therefore, use your work e-mail to register with Zoom. If you don't have a corporate email, use an account with a known public domain to keep your personal contact information private.

Don't Fall for Fake Zoom Apps

Kaspersky security researchers have discovered an explosive increase in the number of malicious files shared with names of popular video conference services (Webex, GoToMeeting, Zoom, and others) in March. That most likely means that hackers are ramping up their activities based on the popularity of Zoom and other apps, trying to cloak malware as video conference messages or files.
So don't fall for it! Use Zooms's official website - zoom.us - to safely download Zoom.

Protect Every Meeting with a Password

Setting a meeting password remains the best way to ensure that only people who are invited are present. Zoom recently turned on its password protection by default - a great move. Please note, do not confuse the meeting password with the password of your Zoom account. Never share the Zoom password via social media.

Switch on Waiting Room Function

Another setting that gives more control over the meeting is the Waiting Room feature - recently turned on by default. Have participants wait in a "waiting room" for the host to approve them all. This gives the opportunity to determine who will participate in the meeting. This keeps uninvited participants outside the meeting.

Think About What People Can See or Hear

It applies to any video conference service. Take the time to think about what people will see or hear when you join a conversation. Even if you work from home, always have clean pajamas and take out personal items. The same goes for the screen if you plan to share it. Close any windows you don't want others to see and make sure that unnecessary documents and applications are turned off. This includes pop-ups of new e-mails and Slack messages.