{"id":18566,"date":"2021-07-26T16:40:50","date_gmt":"2021-07-26T12:40:50","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/zoom-secure-video-conferencing\/18566\/"},"modified":"2021-07-26T16:40:50","modified_gmt":"2021-07-26T12:40:50","slug":"zoom-secure-video-conferencing","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/zoom-secure-video-conferencing\/18566\/","title":{"rendered":"How to host a truly secure Zoom conference"},"content":{"rendered":"

At a time when businesses worldwide were shedding money because of the pandemic, Zoom saw revenue growth of 370%<\/a> in just one quarter, becoming a household name and a verb in the process. But right from the start the service faced pointed questions about security<\/a>, and to their credit, the developers did their best to address them quickly.<\/p>\n

In the light of Zoom\u2019s beefed-up security mechanisms<\/a>, here\u2019s what you can \u2014 and should \u2014 configure to ensure maximum protection while Zooming.<\/p>\n

1. Make the meeting unique<\/h2>\n

You can set up a Zoom conference either with a Personal Meeting ID (PMI)<\/a> or, for one-off chats, with a one-time link. Tied to a user\u2019s account, a PMI persists unchanged for a full year from the last login, so anyone who has attended at least one PMI-based meeting can connect to any future conversation using the same PMI, even if you don\u2019t invite them. Therefore, avoid using personal links, and instead create a separate link for each meeting<\/a> \u2014 it takes just a few seconds.<\/p>\n\n

2. Require invitations<\/h2>\n

Publicly sharing a link to a meeting is risky. You might as well spray-paint party details on a public wall and hope no one crashes. Notify each participant individually, whether by e-mail, messaging app, or another convenient means. If you realize someone\u2019s missing from a call already in progress, send an invitation<\/a> right from Zoom.<\/p>\n

3. Set up face control<\/h2>\n

Even if you sent a link personally to a friend or colleague, that\u2019s no guarantee someone else won\u2019t use it to join the call: Your friend might have forwarded the link to someone else, or it could be a mischievous kid brother \u2014 or a hacker.<\/p>\n

The Waiting Room<\/a> can help you make sure that there\u2019re no uninvited guests on the call. If you enable the feature, attendees will remain sequestered until you look over the names and nicknames and decide who to let in.<\/p>\n

After the meeting starts, you can send someone back to the Waiting Room if, say, you need to discuss something with a smaller team. You can also choose to enable the Waiting Room for everyone or only for guests who are not signed in to their Zoom accounts.<\/p>\n

4. Lock the Zoom meeting<\/h2>\n

Once everyone is in, you can lock the meeting<\/a> so that no one else can join. That way, even if the link to your video chat is available to outsiders, they will not be able to use it. Incidentally, locking has become one of the most effective ways to combat Zoombombing<\/a><\/em>, the practice of invading Zoom calls, which became widespread during the pandemic.<\/p>\n\n

5. Enable end-to-end encryption<\/h2>\n

Zoom has long used point-to-point encryption (P2PE), whereby private keys are stored on the server. P2PE protects against simple data interception, but hacking the Zoom server enables an attacker to decrypt the conversation.<\/p>\n

Therefore, Zoom developers added end-to-end encryption (E2EE), which stores keys only on users\u2019 devices. Enable end-to-end encryption<\/a> and a green shield with a padlock will appear in the upper left corner of the Zoom screen. That icon means the call is protected against eavesdropping.<\/p>\n

Bear in mind that end-to-end encryption is disabled by default for a reason: With it enabled, participants using the Lync or Skype clients, the online version of the Zoom Web client, or any third-party clients for Zoom will not be able to join the call. In addition, users with free accounts will be asked to confirm their phone number and add a payment method.<\/p>\n

6. Check the channel\u2019s security<\/h2>\n

You can check at any time to see if outsiders have used a man-in-the-middle attack to connect to your communication channel. Click on the shield icon and you will see a secret key<\/a>. The host can read it out loud, and participants can compare it with their own. The numeric key is directly related to the end-to-end encryption mechanism that connects attendees\u2019 devices. If the host\u2019s key matches those of the call participants, that means the connection between the end devices has not been compromised. If an attacker has interfered with it, the sequence of numbers will be different.<\/p>\n

When the host\u2019s functions are transferred to another participant, or someone joins or leaves the meeting, the system generates another secret key, and participants can check it again.<\/p>\n

7. Get extra protection<\/h2>\n

To hide your IP address \u2014 and the call itself \u2014 from outsiders, be sure to connect using a secure connection such as Kaspersky VPN Secure Connection<\/a>. Using a VPN is especially important for calls conducted over public Wi-Fi.<\/p>\n

Don\u2019t forget to use a reliable security solution<\/a>, either\u00a0\u2014 no matter how much Zoom has improved its security, it cannot do anything about malware that has already set up shop on a call participant\u2019s device.<\/p>\n\n","protected":false},"excerpt":{"rendered":"

We explore the security settings of one of the most popular chat platforms on the planet.<\/p>\n","protected":false},"author":2581,"featured_media":18567,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[9],"tags":[2309,43,97,2266,2267],"class_list":{"0":"post-18566","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-tips","8":"tag-end-to-end-encryption","9":"tag-privacy","10":"tag-security-2","11":"tag-video-conferencing","12":"tag-zoom"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/zoom-secure-video-conferencing\/18566\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/zoom-secure-video-conferencing\/23084\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/zoom-secure-video-conferencing\/9279\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/zoom-secure-video-conferencing\/25061\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/zoom-secure-video-conferencing\/23072\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/zoom-secure-video-conferencing\/22411\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/zoom-secure-video-conferencing\/25701\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/zoom-secure-video-conferencing\/25173\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/zoom-secure-video-conferencing\/31096\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/zoom-secure-video-conferencing\/9861\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/zoom-secure-video-conferencing\/40763\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/zoom-secure-video-conferencing\/17370\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/zoom-secure-video-conferencing\/17827\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/zoom-secure-video-conferencing\/15077\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/zoom-secure-video-conferencing\/27102\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/zoom-secure-video-conferencing\/27321\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/zoom-secure-video-conferencing\/24127\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/zoom-secure-video-conferencing\/29461\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/zoom-secure-video-conferencing\/29253\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/zoom\/","name":"Zoom"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/18566","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2581"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=18566"}],"version-history":[{"count":0,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/18566\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/18567"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=18566"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=18566"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=18566"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}