Zoom Video Communications Inc is not a safe platform and those using the video calling platform need to follow certain guidelines, the Minister of Home Affairs' Cyber Coordination Centre has said. The MHA said its advisory on the Computer Emergency Response Team (CERT-IN), dated Feb 06 and March 30, should be referred while using the online platform. Zoom claims to have over 20 crore daily users on its platform.
"Prevent unauthorised entry in the conference room; prevent an authorised participant to carry out malicious (act) on the terminals of other in the conference; and avoid DOS attack by restricting users through passwords and access grant," the MHA statement said. Most settings can be done by login into users' Zoom account or by installing the application on phone or laptop or computer, it added.
The US-based video-conferencing app provides software, including a mobile app, for video-telephony, online chat, and business telephone systems. Use of the platform is free for video conferences of up to 100 participants, with a 40-minute time limit.
Zoom Video Communications Inc was slapped with a class-action suit by one of its shareholders on Tuesday, accusing the video-conferencing app of overstating its privacy standards and failing to disclose that its service was not end-to-end encrypted. The platform also courted controversy after it was alleged that over 5 lakh Zoom account credentials, due to security breach, were available for sale online on the Dark Web.
In response, Zoom stated that it takes user securoty extremely seriously. "A large number of global institutions ranging from the world's largest financial services companies and telecommunications providers, to non-governmental organisations and government agencies, have done exhaustive security reviews of our user, network and datacenter layers and continue to use Zoom for most or all of their unified communications needs," a Zoom spokesperson said.
Here's how you can make Zoom meeting secure:
- Set new user ID and password for each meeting
- Enable waiting room, so that every user can enter only when host conducting meeting admits him
- Disable join before host
- Allow screen sharing by host only
- Disable "allow removed participants to re-join"
- Restrict file transfer option (if not required)
- Lock meeting, once all attendees join
- Restrict recording feature
- End meeting, and not just leave, if you are administrator