The Ministry of Home Affairs (MHA) has released a set of guidelines for Zoom users to keep themselves, their colleagues, friends and family safe from possible cyber-attacks and online harassment. That’s because, the ministry says the viral video-conferencing app is “not a safe platform” from the privacy point of view. The 16-page advisory was released by the ministry’s Cyber Coordination Center (CyCord) following a similar warning by India’s nodal cyber security agency, the Computer Emergency Response Team of India (CERT-IN).
In its report released earlier in the week, CERT-IN said that no government official should use the platform for conducting official business to prevent possible cyber-attacks and the leakage of sensitive information. However, the agency also said that general users not wanting to ditch the software should follow some stringent guidelines to prevent anything untoward.
The MHA advisory is also along similar lines, asking users to follow new guidelines to prevent meetings being hijacked by unauthorized parties. The following are the complete set of new guidelines from the Home Ministry on how to keep your Zoom conference calls from being hijacked by unauthorized people:
- Create a new user ID and password for each meeting
- Create a waiting room in the app so that a user will be able to enter the meeting only when the host gives them permission
- Disable the ‘Join’ feature before hosting
- Allow Screen sharing by Host only
- Disable the option: “Allow removed participants to re-join”
- Restrict or disable file transfer
- Lock the meeting when all participants have joined
- Restrict the recording feature
- End every meeting (not just leave), if you are an administrator
Zoom has come under fire from various quarters for its privacy practices and how it handles user-data. The company last month was hit with a class-action lawsuit in the US over allegations that it shares data with Facebook without explicit consent from users. The service has also come under fire for ‘Zoom Bombing’, whereby unauthorized people can often gain access to meetings and conference calls meant for colleagues and friends.
On his part, Zoom CEO, Eric Yuan, has apologized for the security loopholes in the app. The company also rolled out updates to fix most of the glaring problems, saying that it takes “privacy, security, and trust extremely seriously”. Yuan also announced a moratorium on new features for the next 90 days, whereby the company would stop all work on new features and instead, would focus on improving the security and privacy of the platform.