Read This Before You Zoom: FTC & Zoombombing

Tips from the FTC to secure your online communication

Quarantine life has created an unprecedented need for video conferencing. Zoom added more users in the first half of 2020 then they did in all of 2019. Maintaining connections for work, school, and family life is more important than ever, and technology tools like Zoom make it possible to adapt when the ability to meet face to face isn’t an option.  

As harmless as it may seem to jump on a video call, the privacy concerns are real. Can you be sure the apps you’re using are adhering to the privacy practices promised in their terms of service? By the developers’ own admission, it’s impossible to promise end-to-end encryption on a video conference line. Contact information, including emails, can be stolen by hackers with access to your online link. Proprietary business data can be taken as well, and hackers are coming up with even more creative ways to disrupt conference calls (“zoombombing” is a thing now). By overwhelming the attendance or even posting pornography, “Zoombombers” are able to end meetings and destroy productivity. The more sophisticated hackers will bring malware, allowing them to take control of your video and audio. 

So, what can you and your team do to protect yourselves from attacks like zoombombing? The Federal Trade Commission offers some helpful hints to secure your online communication. 

1. Make sure only invited participants are able to join your meeting.  Some services allow hosts to password-protect a meeting. Others limit access by providing unique ID numbers for each meeting or for each participant. Some services may even give the host the option to lock the meeting once the expected participants have arrived, preventing others from joining.  

2. Be careful before sharing your screen. Before sharing, make sure you don’t have open documents, browser windows, or other items that you don’t intend to share. Some services have options that allow the host to turn off screen sharing or to limit its use to the host. 

3. Don’t open unexpected video conference invitations or click on links. With the upsurge in video conferencing, malicious actors are sending emails mimicking meeting invitations or other communications from conferencing services.  

4. If confidentiality is crucial, video conferencing may not be the best option. No conferencing service can guarantee the security of your information, so consider alternatives if you need to talk about particularly sensitive topics. Evaluate whether an enterprise service would provide greater security for your company and clients, rather than free services available to the general public.  

5. Before using a conferencing service, review key provisions in the service’s privacy policy to understand how your information will be handled. What information does the conferencing service collect about you? Does the privacy policy limit the company from using your information for purposes other than providing their conferencing service?  

6. Update your video conferencing software. As security issues arise, many video conferencing companies are updating their software with patches and fixes.  

7. Establish preferred video conferencing practices at your business. Employees are doing their best to maintain productivity during a trying time. A well-meaning staffer may inadvertently put sensitive data at risk by enabling video conferencing services that don’t meet your company’s privacy or security standards. Share these tips with your team, establish company-wide video conferencing dos and don’ts, and emphasize the need to select the more secure options when hosting or joining video conferences. 

Don’t Let Zoombombing Disrupt Your Organization

Virtual phone calls create and maintain important connections when organizations must remain remote. By following these tips, you can secure your organization’s web-based communications and prevent damaging hacking attempts.