UK’s GHCQ advises government not to use Zoom


24, 2020

Author Surur // in News

Another day, another company or institution bans video conferencing solution, Zoom.

The latest is UK’s  National Cyber Security Centre, part of intelligence agency GCHQ, who has advised the government and parliament not to use Zoom for confidential business.

Specifically, parliament was warned to “not use it to talk about things detrimental to the interests of China”.

The NCSC feels Zoom is safe enough for public use, however, and the solution was recently used as part of the proceedings in the House of Commons, including at prime minister’s questions.

The Citizen Lab, a digital communications laboratory, warned in early April that security keys, which are supposed to encrypt conversations “in some cases, are delivered to participants in a Zoom meeting through servers in China.”

A government spokesperson said that “Zoom is being used for unclassified communications in government under unprecedented circumstance” but added: “Other services are in place for more sensitive communications.”

The availability of these more secure services was being increased to meet the demand of more civil servants having to work remotely, the spokesperson added.

One of those services may be Microsoft Teams, which is already used by the House of Lords.

Microsoft recently published a blog post highlighting their approach to privacy and security in Microsoft Teams. Microsoft listed down the following as the privacy and security controls available for video conferences in Teams:

  • Meeting options: With meeting options, you can decide who from outside of your organization can join your meetings directly, and who should wait in the lobby for someone to let them in. PSTN callers will be joining via lobby. Meeting organizers can also remove participants during the meeting.
  • Roles in a meeting: A meeting organizer can define roles in a Teams meeting that designate “presenters” and “attendees,” and control which meeting participants are allowed to present content in the meeting.
  • Attendee consent for recording: All recordings of meetings are accompanied by a notice to attendees that a recording is taking place. The notice also links to the privacy notice for online participants, and the meeting organizer controls which attendees have the ability to record.
  • Meetings recording access: Meeting recording access is limited to those people who are on the call, or invited to the meeting, unless the meeting organizer authorizes others to access the recording. Recordings are uploaded to Microsoft Stream and may be shared and downloaded according to permissions enabled by account administrators.
  • Channel moderation and controls: Channel owners can moderate a channel conversation and control who is, and is not, allowed to share content in channel conversations. This helps ensure only appropriate content is viewed by others.
  • Communication compliance: Communication compliance enables organizations to foster a culture of inclusion and safety by identifying and preventing negative behaviors like bullying and harassment.

You can learn more about Microsoft’s privacy and security policies around Teams here.

Source: The Guardian 

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}