Government on Zoom App - Not a Secure Platform, Warns MHA

The Ministry of Home Affairs (MHA) on Thursday (16 April, 2020) stated that the Zoom meeting app is not a safe platform for video conference and meetings as there are issues of privacy and security. 'Zoom is not a safe platform', stated the Ministry of Home Affairs on Thursday. The Ministry’s advisory comes after the national cyber-security agency – Computer Emergency Response Team of India (CERT-in) warned against the cyber vulnerability of this popular app, currently being used by a number of thousands of professionals and students working from home due to the Covid-19 pandemic.

The government has issued guidelines and stated that, 'those private individuals who still would like to use Zoom for private purpose may kindly follow the following guidelines'.

Zoom App Not a Secure Platform

Zoom app is formed by the American company Zoom Video Communication, Inc. Indian government has stated the app as unsecure because of its security flaws and issued some guidelines for the people using it.

Broad objective of the CERT document on Zoom Application's security is to enable/disable certain settings is to

1. prevent unauthorised entry in the conference room.
2. prevent an authorised participant to carry out malicious on the terminals of other in the conference.
3. Avoid DOS attack by restricting users through passwords and access grant.

Most of the setting scan be done by login into users zoom account at website, or installed application at PC/Laptop/Phone and also during conduct of conference. However certain settings are possible through certain mode/channel only.  For example, lock meeting can be enabled by administrator only when the meeting has started.  The document explains in details all the security configuration through website, App and through console during the conduct of conference.

Security Configuration of Zoom App-

The CERT-In (Computer Response Team of India) has issued the following advisory for the use of ‘Zoom’ application. Here are some things you should do if you use the ‘zoom’ application-

1. Setting new user ID and password for each meeting.
2. Enabling waiting Room, so that every user can enter only when host conducting meeting admits him.
3. Disabling join before host.
4. Allowing screen sharing by host ‘only’.
5. Disabling 'Allow removed participants to re-join'.
6. Restricting/disabling file transfer option (if not required).
7. Locking meeting, once all attendees have joined
8. Restricting the recording feature
9. To end meeting (and not just leave, if you are administrator).

Should Read- MHA on Zoom App Security: Document

World view on Zoom app:

The cyber vulnerability of zoom app is just not a concern for India but for the world as well. In March 2020, ‘New York State Attorney General Letitia James’ launched an inquiry into Zoom's privacy and security practices. Following these inquiries, Zoom was banned from New York City schools by the New York City Department of Education.

• Tech giant Google has also issued a ban on the use of the Zoom video conferencing app for all its employees citing security concerns.
• Recently, Singapore has also stopped its teachers from using the Zoom app because of various serious incidents that occurred in the first week of lockdown. 

The America-based 'Zoom Application' has recently gained popularity because of its easy use and number of people it can hold conference with. But with recent events and because of its cyber vulnerability, the use of application has become an issue and is major concern among different countries of the world.