Anyone restricting use of Zoom given recent security concerns?
Yes. We are removing the .exe and reiterating the corporate standard of MS-Teams.
Moving to Teams next week.
Not at this time. Zoom being mainly used for educational webinars. WebEx & Teams are primary tools for non-webinar use.
No, not anymore after the fixed the security issue and we asked our staff that if they use Zoom to add a pass-code to the meeting and that is it.
For enterprise use, we have skype, and are starting to use Teams on a limited basis. KCS info security did route to the enterprise the risks and security concerns that have cropped with zoom with recommendations of how protect yourself if zoom is your only option. We would not use Zoom for any corporate meetings or meetings we set up with external parties.
No. We’ve provided users with cautionary advice on Zoom use (see below). Users are able to use Webex and Teams as well.
The FBI recommends exercising due diligence and caution in cyber security efforts, and recommends these steps to mitigate teleconference hijacking threats:
• Do not make meetings public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control admitting guests.
• Do not share a link to a teleconference on an unrestricted publicly available social media post. Provide the link directly to specific people.
• Manage screen-sharing options. In Zoom, change screen-sharing to “Host Only.”
• Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated its software and added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
I was just informed by a good friend of mine that her company has white labeled the Zoom product that is then encased on their own secured network. You receive the same user experience just as before but now it is secure. They are offering the first 90 days free and after that it's $9.95 per administrator per month. I just used it on a conference call and it was exactly like being on Zoom. Let me know who is interested and I can set up an introduction.
We have ensured that they are required to put in a passcode and that we use the waiting room. This has taken care of our concerns along with the update this week to their software.
We were 90% on Teams anyway. the outliers were just in the marketing division so it was easy enough to move them over. They put up a fuss but once I showed them what was happening they were on board.
For state employees within NC Dept of Health & Human Services, we're restricted from using Zoom until it is certified that the issues have been resolved. Our primary group collaboration tool is Microsoft Teams. The option has been around for quite a few months, but only in recent weeks has its usage / adoption seen explosive growth (for obvious reasons). We also use Cisco Webex as a secondary tool. Even after the restrictions get lifted on Zoom (which we're expecting), we've always been encouraged to exercise due diligence (things like requiring a passcode, screening attendees before letting them join, not letting anyone join before the host, etc.).
No, we are still using Zoom. We were worried and took appropriate measures. Just like other leaders have mentioned, we educated users to lock their meetings, passwords and waiting room to their advantage. We ensured that outbound 445 port was blocked, and pushed updates regularly and quickly to our 200+ computers. Our backup options were Skype, Teams and Slack.
We talked with a Zoom rep. He was honest in addressing all of our concerns without any excuses, taking responsibility and showing commitment towards improving security. We believe Zoom will regain customers' trust.
We have not restricted use but are requiring passwords be used.
Yes, we are advising all local agencies and communities to avoid Zoom. It is true that there are good measures that moderators and participants can help to mitigate privacy risks when using any virtual meeting platform. However, Zooms security weaknesses go deeper into its architecture. Zoom has created weaknesses in its platform which other solutions consider basic and have been tested over time.
Encryption appears based upon Zoom accounts to be transport instead of tunnel which allows access outside endpoints.
Industry third-party certification and testing does not exist or is not made available to customers to verify protections like other platforms.
The application deployed to Windows computers has been found to have fundamental security flaws which other trusted platforms do not have.
Perform a quick Internet search of companies banning Zoom and you will find several trusted sources and major companies.
Friends don't advise friends to use Zoom.
We are not moving away from Zoom at this time. It is heavily used and from I have read most security issues were self-inflicted by companies/users not using proper security settings. It's hard to blame Zoom if you do not use the security tools given to you. Yes, there are some changes that need to be made but they are overcome with proper settings at least as far as the Zoombombing goes. I guess I do not see Zoombombing as hacking. Maybe I missed something though.
Charles Burton - on your comment of "Encryption appears based upon Zoom accounts to be transport instead of tunnel". From my understanding, Doesn't most banking websites use transport encryption and not tunnel encryption? It seems to be acceptable for that use.
We just got Zoom for a Enterprise Solution. It had been great and we are looking at security and maybe setting passwords.
We already use TEAMS and we have issues with large groups all on at the same time.