The Indian Ministry of Home and Affairs MHA issued a 16 page advisory on the use of video conferencing app zoom. It is mentioned that the video conferencing platform is not safe. After the lockdown period schools colleges and software companies are shut until the lockdown in order to ensure their stability school colleges and offices are using zoom application as a one-stop solution for video meetings.
Government warning issued after India’s cybersecurity e agency computer emergency response team of India had cautioned against the vulnerability of the Zoom application. CERT had pointed out that their application as a weakness that can make users vulnerable to Cyber attacks including them leakage of sensitive information of the office and video footage of the users to hackers.
Zoom application have become unavoidable during the the lockdown period.
As per Cyber Coordinate Center 16 Page Advisory is mentioned here
Zoom is a not a safe platform and advisory of cert-in on the
same dated Feb 06, 2020 and March 30, 2020 may kindly be
referred. These advisories are available on Cert-In website.
- Those private individuals who still would like to use Zoom
for private purposes may kindly follow the following guidelines
- The broad objective of this document is to enable/disable certain settings are to:
> prevent unauthorized entry in the conference room
> prevent an authorized participant to carry out malicious on
the terminals of others at the conference.
> Avoid DOS attack by restricting users through passwords
and access grants.
- Most of the settings can be done by login into users zoom
account at a website or installed application at PC/Laptop/Phone
and also during the conduct of the conference. However certain settings
are possible through certain mode/channel only. For example,
lock meetings can be enabled by the administrator only when the
meeting has started. This document explains in details all the
security configuration through the website, App and through console during the conduct of the conference
Guidelines to use Zoom Application
Since the application is necessary the government has issued guidelines to use the application. This guidelines includes an unauthorised entry in the conference room, preventing unauthorized participant to carry out malicious activity. The government has issued new guidelines after many users have a complaint about the instance of leaked passwords and hackers hijacking video calls through the conference.
- Create a new user id and password for each meeting
- Create a waiting room in the application so that your user will be able to enter the meeting only when the guest gives him permission.
- Disable join feature before hosting.
- Allow screen sharing by host only.
- Disabling ” allow removed participant to reach join”
- It is recommended to restrict or disable file transfer
- When all participants have joined it has been advised to lock the meeting room.
- Restrict the recording feature.
- To end the meeting( just leave if you are administrator)
Previously, the FBI, cautioned the users in the US on using Zoom for their daily video meetings. The cases of what is being termed “zoom-bombing” have grown exponentially,