Cassius: "The fault, dear Brutus, is not in our stars, But in ourselves, that we are underlings." Sensational stories are popping up about insecurity of the popular video meeting app Zoom. Videos on servers that are not even password protected, as reported by WaPo, including "how do do Brazilian wax job" -- but it turns out "most" of these are on external storage not controlled by Zoom. Some are even calling it malware. Features such as connecting to cloud storage from your private (home, or company) network have always been a security violation in several ways:
If your company data use policy and security policy are not yet clear or do not address sharing of videos or other documents, get on it and make sure all your users - employees, contractors, and customers - know and follow them (your customer can record your session too... can you detect that?). For individuals, RTFM (read the fine manual), or at !east look through your settings (in Zoom there is "automatically start recording when you start the meeting..."). Decide where you store your videos if you do decide to record, and verify it's in the right place under at least password protection. Sure Zoom has security issues, and the more scrutiny, the better product will come out of it. But no matter how good the product is, it is up to the user to take care of the information (and video). If you use a nice alternative like WebEx from Cisco, and record a meeting, then put it on a public cloud platform, that's neither WebEx's problem, nor is it Zoom's.
0 Comments
Leave a Reply. |
AuthorDjilpmh Pi has been tracking the spread of Shadow IT for some time. This collection lists some of the most egregious examples. He Archives
January 2020
Categories
All
|