Doomed by Zoom

Zoom, a video conferencing service,  has recently gained popularity over the past few weeks while organizations have been mandated to enforce remote work. Zoom now has a gigantic spotlight on them and with the millions of new users, an attack vector ripe for exploit.  It was recently released to the world that attackers can use Zoom to steal users' Windows credentials. Here are a few things to keep in mind to ensure that your users aren't going to be doomed by Zoom:

  • Keep Zoom meetings private -
    • Don't give out your private room URL to anyone - make all your Zoom meetings private and specific to only the date and time of your meeting. You wouldn't leave your front door wide open for strangers to walk in....Zoom meetings are the same.
  • Leverage other virtual meeting solutions-
    • While Zoom enacts a feature freeze for the next 90 days to secure its features, don't be scared to try a new platform to host your virtual meetings. Due to the increased amount of remote workers, other video conferencing solutions, like 8x8, are offering free trials and/or free video conferencing services. 
  • Look at the behavior on endpoints -
    • Next Gen Endpoint protection has the capability to learn and respond to new attack and exploit angles, like Zoom bombing.  
    • Having a SOC/Managed SIEM reviewing activity and investigating strange or unrecognized behavior can keep you from being exposed to threats like credential theft and ransomware attacks.
  • Real-Time Vulnerability scanning on the WAN/LAN -
    • Many organizations had to change quickly to enable a remote workforce, what new vulnerabilities has that created for you? know what the health of devices attached to your network is more than half the battle.

There are always going to be technical vulnerabilities found and patches released, that shouldn't be too surprising since no platform is ever 100% secure. User training, guidance on how to best use the tools securely and efficiently will help enable an organization to have a  have a stronger security posture in the long-term. 


If your organization needs assistance with security or video conferencing solutions, please reach out to C3 Technology Advisors! For more information about working from home and securing your data, check out our Work From Home page. 


C3 Technology Advisors

Get updated when we post new blogs and stay up to date with technology trends!