Integrated Risk Management
Through the application of technology and automation, we'll help you manage your risks efficiently and effectively across the entire enterprise.
Identity and Access Management
We'll help you ensure everybody within your organisation has access to the right systems and data, for the right reasons, and at the right time.
Cyber & Application Security
Our experts will uncover security weaknesses within your security design and business-critical applications. Helping you protect your organisation from both internal and external threats.
Bedrock Managed Service
Scalable support and on-demand expertise that seamlessly integrates with your existing operations.
About us
A group of passionate individuals with a shared purpose to help the world's leading companies embrace best practices for GRC and risk management.
Partners
Turnkey's strategic partner network consists of selected organisations that complement our capabilities.
Corporate Social ResponsibilityCSR
We are committed to being agents for change through our Climate Action Plan, championing diversity in our workplaces, and more.
Get in touch
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Careers
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Webinars & eBooks
All of Turnkey's webinars, guides and other insights available in one place.
Blogs
Read the latest insights from our experts on GRC and risk management, covering the latest industry topics.
Press Coverage
See all the publications where Turnkey, our experts and our successes have been noted.
Key events
See the key industry conferences on GRC, SAP security and risk management which we are attending.
Case Studies
Client satisfaction is of the utmost importance to us, and we strive to constantly deliver above expectations, going the extra mile at every opportunity.
31 March 2020

‘Zoom-bombing’ - minimising the risk of virtual hangouts

Dealing with uninvited guests is not something that many of us think about when it comes to video conferencing. However, with the rapid shift to remote working, it’s a worrying trend that is being exploited by opportunists every day - but so far, the main focus has been on one application.

 
Zoom appeared much later on the video hangout scene than platforms such as Skype, Webex and GoToMeeting, yet it has quickly become the more popular choice because of its simplicity and the frictionless experience it provides. 
 
Yet it’s increased use, more recently for more public hangouts such as an open to anyone ‘Virtual Pub’, has led to it being misused and exploited. At one end of the spectrum you might be exposed to mildly offensive material, right the way through to a catastrophic cyber attack at the other.
 
‘Zoom-bombings’ and invasions of privacy are now very real. Bombers have taken control of screen sharing to publish pornogrpahy and voilent video or imagery, while criminals have leveraged the file transfer feature to spread malware. Every day now it seems, more news emerges about the potential risks in using the platform.
 
The real worry is for professionals who are using Zoom to hold confidential conversations - such as lawyers, auditors or accountants - as potential criminals could be listening in. For these and other such sensitive use cases, Zoom has been banned from certain high security-driven organisations such as governments, law courts and Google.
 
So, should you ban Zoom too? No, not necessarily. In the above instances, Zoom wasn't banned because it was insecure or had poor privacy practices, rather it was because these organisations have highly specific security needs that demand more rigorous enforcement.
 
So, if your organisation continues to use Zoom, the following security checklist should help. 

 

Your video conferencing security checklist

Within your Zoom account settings you are offered a wide range of options to customise your privacy experience - so it’s important to understand how to set-up the tool to minimise your risk. It’s likely that Zoom won’t be the only video conferencing platform to be targeted, so if you use another tool, these precautions are equally as valid. Our checklist below provides 5 of the key measures you can take to hold more secure video calls.

 

TK_ZoomSocialCard-min-min (1)

 

If you want to go further, Zoom provides a whole host of other measures you can take within its comprehensive suite of settings. Click on any of these links for details from the Zoom support pages.