Get all the latest news on coronavirus and more delivered daily to your inbox. Sign up here.
Continue Reading Below
The software can be used for remote meetings and webinars. Hosting a Zoom meeting is relatively simple.
First, users must download and open the Zoom app on their phones or computers. Next, depending on whether the host wants to use video or just audio, users must click on either "start without video" or "start with video."
Users are then prompted to invite others into the call by copying an invitation or invitation URL and then sending that URL to other participants via email.
Finally, users are prompted to schedule their meetings; this includes giving the meeting a name, date, time, duration, names of those involved in the meeting and so on. This final step also includes one other essential option: setting up a password and meeting ID.
Using a login password is one of cybersecurity firm Check Point Research's four tips for safely using Zoom.
The app updated its security in September after Check Point in January discovered vulnerabilities that could have allowed strangers to eavesdrop on conversations.
Check Point revealed that the eavesdropping hack that impacted "scores" of video meetings on Zoom, which has more than 74,000 customers and is used by 60 percent of the Fortune 500 and more than 96 percent of the country's top colleges, the firm said.
In light of their January report, Check Point Vulnerability Research Team Lead Omri Herscovici shared four tips on how to safely use Zoom on Thursday.
Keep software up to date
First, Check Point recommends Zoom users update their app as much as possible because software updates often come with bug fixes and new features that make the app as secure as possible. iPhone and Android users can set up automatic app updates in their settings.
Set-up a password
"Our investigation into Zoom conference security showed how an attacker could guess random numbers allocated to Zoom conference URLs and penetrate them without alerting the hosts," Herscovici wrote in his advice. "The breach happened with conversations where no passwords were set. Zoom fixed the security breach and adopted our recommendations, with all scheduled meetings automatically protected by a password."
Hosts should click the "Manage Participants" feature to decide which participants can and cannot access their cameras and microphones.
Herscovici advised Zoom users to assume that what happens on Zoom does not stay on Zoom as a general rule of thumb.
"Zoom allows you to record video calls and export them as video files as soon as the call ends. This is a very useful tool when you want to update those who were not present at the meeting. The security problem that comes with using this tool is almost self-explanatory: since conversation participants can export the recorded file, the file can actually find its way into malicious hands," Herscovici wrote.
The call manager can decide which of the participants may record the call through the participant management window and click "Allow Record."
"Do also take note that the participant can always record the conversation using external software for recording the screen," he said. "Therefore, always assume that you may be recorded and act accordingly."
Video conference apps like Zoom, Microsoft's Teams and Teams for Education and Cisco's WebEx, as well as work email alternative Slack, are offering a number of incentives to expand services to the new remote workforce.