The importance of online security isn’t new. There are different things you can do to protect yourself against unwanted cyber behavior. When thinking about online security, most people think of data breaches. But what about situations where online security isn’t just about protecting your data?
Basics of Online Security
Hopefully, you’ve heard of and are using online security best practices. If not, or if you need a refresher, here are some excellent tips to follow online:
Keep your software up to date.
Make sure you are using the latest software versions. Making sure you’re using the newest software version applies to all of the computer programs you use, especially your system software. While the system update notifications seem to always pop up at the worst time, they’re essential. Don’t forget to run those system updates frequently.
Check for HTTPS or a lock symbol on your browser.
Check for HTTPS or a lock icon in your address bar. The lock icon indicates that the site is HTTPS. Make sure to check if you’re sharing sensitive data. Why? The critical difference between HTTPS and HTTP is that HTTPS is encrypted.
Never use the same password twice. NEVER USE THE SAME PASSWORD TWICE!
Seriously, it’s that important. Never use the same password twice. And no, you don’t have to remember all of those different passwords. Thankfully, there are programs available that help generates and store all of your secure passwords. Available password programs include Keepass, Lastpass, and Bitwarden.
You should never use the same password twice because you avoid the rippling consequences of a data breach. What is a data breach? A data breach is an instance where sensitive data accessed without authorization. These incidents are, regrettably, common.
Sensitive information can include your user name and password. If your password is involved in a data breach, the same combination can be attempted across other sites (by machines) to try and access even more information about you. By not using the same password, you make sure those attempts are always unsuccessful.
Data is Gold.
We take all these steps online to protect our data. But all around us, everybody wants it. It’s a sad cat and mouse game where the bad actors who are looking to exploit sensitive information continue to develop new ways to break-in. It’s astonishing how much information we share online. Suppose you’re like me (and millions of others); your digital footprint is massive. We spend most of our day on the computer switching between different websites, applications, and systems—each one requiring a unique username and password. Some of the sites have our card information, birthday, address, name of our first dog, favorite type of pizza, etc. The point is, we’re sharing a lot of data with a ton of different sources.
This data is a gold mine in the wrong hands. That’s why we expect those places to protect our information and keep it private. But, that’s not always the case.
Examples of data breaches
For example, in 2017, a security breach at Equifax exposed over 147 million people‘s information. This data breach is particularly notable because of the type of data leaked. The Equifax data breach exposed the names, addresses, numbers, dates of birth, social security numbers, and driver’s license numbers of those affected. A few very unlucky people, roughly 209,000 people, had their credit card numbers leaked as well.
Canva, a graphic design site, also suffered a breach in May 2019. Even the social media company and data giant Facebook was unable to stop a data hack. In 2018, a virtual attack on the company impacted 50 million users.
These events have made national headlines. This raised awareness has helped users understand the importance of privacy. It also demonstrated that many places did not prioritize data privacy. While most data breaches aren’t purposeful, they reveal that data security hasn’t always been the top priority. That’s why in 2020, when Zoom demonstrated it was not prioritizing virtual safety, scrutiny starting piling up on all sides.
Invading Private Spaces
But what about a scenario where privacy is about personal and private conversations? The privacy issues Zoom dealt with recently fell outside of the typical security best practices. Even if you had implemented all of the best practices above, the Zoom privacy issue was unavoidable.
The Unexpected Rise of Zoom
People used Zoom before 2020. After 2020, everyone has used Zoom*. As the world shifted towards more online interaction, Zoom became the tool for virtual communication. Video conferencing became the way to conduct all types of events. People have hosted Zoom birthday parties, Zoom business conferences, Zoom funerals, Zoom online classes, and many other Zoom virtual events. From one day to the next, all of our events went virtual. From one day to the next, Zoom had an explosion of users. The challenge was that Zoom was not fully prepared for its unexpected rise in popularity. Let’s say that it experienced growing pains. Some of those growing pains were benign. But, others involved broader security issues.
*It’s likely there’s still one of you out there who hasn’t used Zoom.
Zoom Scrutiny
As early as March 2020, claims started surfacing, claiming severe security flaws in the Zoom system. It first came in the form of zoombombing. Zoombombing is a practice where someone enters a Zoom video conference without permission. While the word Zoombombing originated from the instances happening on Zoom, this has happened with other platforms, such as Webex or Skype.
Zoombombing demonstrated how easy it was to gain access to video conversations. It also started discussions amongst education and government groups around whether virtual conference tools could be trusted to keep things secure. Zoom was facing a public relations disaster. This up-and-coming technology was now in the spotlight for the wrong reasons.
Thankfully, Zoom has implemented changes that demonstrate its dedication to security. This, along with other zoombombing guides, have helped alleviate these major issues from happening.
Zoom Security Changes
If you’ve hosted or joined a Zoom meeting recently, you’ve likely noticed changes to the way you enter. Let’s walk through all of the recent Zoom changes. Starting September 27th, Zoom meetings require either a meeting passcode or a waiting room. These additional levels of security give more control to the host over who can enter.
Meeting Passcode
A meeting passcode, different from a password, is a key provided by the host to the attendees. When entering a meeting with a passcode, the system will prompt you to enter the information. You can only join after providing the passcode.
Waiting Room
You may have noticed a new feature in Zoom, the ‘waiting room.’ This new feature allows hosts to control who enters the video conference. As participants enter, the host will see the option to accept or reject the user. The waiting room is a perfect response to the zoombombing issues mentioned earlier. By allowing users to determine who enters a call before they can access, Zoom has given privacy back to the host’s hands.
Screen Sharing
Screen sharing is still available within Zoom but with some small but significant changes. Zoom now grants a host the ability to disable screen sharing by other individuals. This new control alleviates the stress of someone taking over a video conference with an unwanted screen share.
Moving Forward
Thankfully, Zoom has addressed and implemented new features to address privacy concerns. With each rollout, it has become harder to invade someone’s privacy on Zoom. Now you can video conference with confidence. To be extra safe, protect your privacy by using a Webaround to hide your background.