COVID-19 Remote Operations

From CAPipedia

COVID-19 Remote Operations

As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts.
Zoom is the most used video conferencing tool available and has some security issues. Zoom has pledged to fix some of the problems with security, but all the fixes are not in place yet. Here's link to the Zoom CEOs blog https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-users/
REMEMBER ZOOM IS NOT SECURE, PLEASE BE AWARE OF OPSEC --DO NOT DISCUSS THOSE ITEMS ON A ZOOM CALL Quick review of OPSEC
The following steps can be taken to mitigate teleconference hijacking threats:

  • Uninstall the Zoom client from all systems (Desktops, Laptops, and Mobile phones)
  • Use the “dial-in” feature if video services or screen sharing is not required, and use the “web-client”
  • Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
  • Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
  • Manage screensharing options. In Zoom, change screensharing to “Host Only.”
  • Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
  • Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.

Does your squadron/group or Wing have a TechSoup Account? www.techsoup.org. If you don't have an account, sign up for deeply discounted software, hardware and training.

Online Storage

Google Drive

https://www.google.com/drive/

pCloud

https://www.pcloud.com/

Microsoft OneDrive

https://onedrive.live.com/

Dropbox

https://www.dropbox.com/

Video Conference Free

Some of the free options also have a paid option

Zoom Meeting

https://zoom.us/

Skype Meeting

https://www.skype.com/en/

FreeConference

https://www.conferencecalls.com

Google Hangouts

https://hangouts.google.com/

Cisco Webex

https://www.webex.com/

Microsoft Teams

https://products.office.com/en-US/microsoft-teams/group-chat-software Microsoft Has a free Non-profit option. This is takes a little work, but it is worth it.

Video Conference Paid

GoToMeeting

https://www.gotomeeting.com/

Microsoft Teams

https://products.office.com/en-US/microsoft-teams/group-chat-software

Zoom Meetings

https://zoom.us/

LifeSize

https://www.lifesize.com/

GoogleMeet

https://meet.google.com/

Cisco Webex

https://www.webex.com/

Zoom Safety Checklist

Before Meeting:

  • Disable autosaving chats
  • Disable file transfer
  • Disable screen sharing for non-hosts
  • Disable remote control
  • Disable annotations
  • Use per-meeting ID, not personal ID
  • Disable “Join Before Host”
  • Enable “Waiting Room”

During Meeting:

  • Assign at least two co-hosts
  • Mute all participants
  • Lock the meeting, if all attendees are present