How safe is using Zoom for video conferencing?

Published: Tuesday, 07 April 2020 08:55

One of the impacts of the COVID-19 pandemic is the rapid uptake in the use of video conferencing, especially the Zoom platform. Recently questions have been asked about how secure Zoom is. Here, Elliott Thompson gives  his view on what the real risk of using Zoom is and offers tips to mitigate.

The main ongoing privacy concern with Zoom is that the employees of Zoom can view people’s video/audio. This doesn’t mean they do, but architecturally they can. The same is also true for Teams, Skype and most other video conferencing systems. 

Separate from the overall way that Zoom works, there have been several publicly disclosed vulnerabilities:

There have been some serious flaws affecting almost all Zoom products. And in some cases, the fixes that have been put in place have been undone by later patches. While Zoom does seem to have more than their fair share of vulnerabilities, it is not the only video conferencing tool with these kinds of flaws; for example, Cisco WebEx had an extremely critical code execution vulnerability that was found in 2017. 

There is definitely an increased risk with using any application like Zoom. But whether that risk is acceptable is up to the organization. For some businesses, the features outweigh the risk, for others, the risk is too high no matter what the features are. Like anything – you have to take a risk-based approach to the tools and technologies used. 

One point to also consider is that Zoom is getting a significant amount of attention and so far seem to be proactively responding and actively improving their security posture. There are many, many more flaws in many, many other products that are simply not even known about yet or haven’t had the attention for them to be found.

Key steps you can take to help mitigate risks:

The author

Elliott Thompson is Principal Cybersecurity Consultant, SureCloud.