Due to the current reporting regarding zoom, we would like to draw your attention to the following websites from renowned data protection sites.
Quote: Conclusion of the website data protection notes:
„According to what is visible to us, we can attest Zoom to a solid level of data protection. Assuming the right settings and contracts, nothing should stand in the way of a data protection-compliant use of the solution. Another positive aspect is that the provider appears to take legitimate criticism seriously and to rectify it quickly. “
Quote: Conclusion of the website data protection guru:
„I can only repeat myself. If you don’t want to use “zoom” because you don’t see your information security as guaranteed, you shouldn’t. I understand that. And it is a legitimate decision.
The claim that „Zoom“ cannot be used in compliance with data protection is obviously wrong from a data protection perspective.
It is also not legally correct that „Zoom“ transmits personal data to „third-party providers“.
As I said … I like it when we look at things differently. Mike Kuketz is sure to do a great job in the technical area. And I don’t presume to know or analyze more about the data flows than he is. He is wrong about the legal assessment.
And now I hope that the mood will calm down and that we can all do our job. “
Notes on securing ZOOM meetings
Cyber Security – Zoombombing – [i] Matrix – misuse <https://web.i-matrix.at/cyber-security-zoombombing/>
- Do not make meetings or classrooms public. There are two ways to make a meeting private in Zoom: you can request a meeting password or use the waiting room feature and control guest access.
- Do not share a link to a conference call or classroom on an unrestricted publicly accessible social media post. Share the link directly with specific people.
- Manage screen sharing options. In Zoom, change the screen share to „Host only“.
- Ensure that users are using the updated version of the remote access / meeting applications. In January 2020, Zoom updated its software. By default, the teleconferencing software provider added meeting passwords in its security update and disabled the ability to randomly search for and attend meetings.
- Finally, make sure that your organization’s telework policy or guide takes into account physical and information security requirements.