NEW DELHI: The Ministry of Home Affairs (MHA) on Thursday said the Zoom meeting app is not a safe platform for video conference, issuing a set of guidelines for the safety of private users who “still would like to use Zoom for a private purpose“.
According to the advisory, MHA has deemed Zoom as an unsafe platform and it is asking individuals using the video conferencing app to adhere to certain security settings in a bid to safeguard their meetings from malicious attackers.
The Ministry said, “Zoom is not a safe platform.”
The government said it will prevent unauthorised entry in the conference room and even malicious activity by authorised participants on terminals of the other participants. It would also avoid DOS attack by restricting users through passwords and access grant.
“Most of the settings can be done by login into users zoom account at website or installed application at PC/Laptop/Phone and also during the conduct of the conference. However certain settings are possible through certain mode/channel only,” the guidelines from the Union home ministry read.
The ministry in a two-page long document is asking to enable security settings, such as the Lock Meeting feature, while on a conference call to safeguard their data.
The ministry has also detailed a list of checks or the features that users can adhere to in order to safeguard their meetings and their data from hackers.
Read the complete MHA Advisory Here:
Here is the list of checks shared by the MHA:
- Setting a new user ID and password for each meeting.
- Enabling the Waiting Room feature in order to ensure that a user can enter only when the host conducting the meeting permits him to.
- Disabling join before host feature.
- Allowing screen sharing by host only — Disabling “Allow removed participants to re-join” feature.
- Restricting file transfer option.
- Restricting recording feature.
- Ending the meeting and not just leaving it.
The MHA said that that adhering to these safety practices would not only prevent unauthorised entry into the meeting rooms, but it would also DOS attacks and prevent authorised people to carry out malicious tasks within various conferences.
It is worth noting that the document on the usage of Zoom app comes weeks after the Computer Emergency Response Team of India (CERT-In) issued an advisory on the safety issues of the video conferencing app.
“Insecure usage of the platform (Zoom) may allow cyber-criminals to access sensitive information such as meeting details and conversations,” the cyber-security agency said in its advisory urging users to enable features such as Waiting Room and Scheduling Privilege while using the video conferencing platform.