The unexpected rise of active users who use the video conferencing app called Zoom has resulted in many gains and losses. Thanks to the sweeping Coronavirus pandemic, many businesses have been forced to adopt a “work from home” policy powered by Zoom, Skype, Slack, and other sites used for business collaboration.
At the close of 2019, Zoom had approximately 1.9 million active users. In the few months since the Coronavirus pandemic exploded, over 2.2 million new users have joined, according to a tentative estimate as reviewed by CNBC. This rise in numbers has also drawn the spotlight on Zoom’s security vulnerabilities, making it a hacker’s paradise.
Zoombombing is an actual term referring to a case where uninvited users crash your zoom meeting. They do this not only to eavesdrop, but the more colorful characters post offensive material. While some countries such as the US have moved to decriminalize the act, it is still a very common security problem.
Zoom has risen to the occasion and patched up some of the major issues, but meetings on the platform are still highly unsafe. However, taking these 5 steps will help you to make your Zoom meetings more secure.
1. Be mindful of using meeting IDs
It has become common for those holding meetings to share Zoom meeting IDs online in social media forums, private messages, and email. However, this means anyone with the ID can join in the meeting. Even for those without sophisticated hacking skills can zoombomb such meetings with only the ID.
Another major vulnerability is associated with Zoom permanent IDs. Every Zoom user has a permanent Personal Meeting ID or PMI associated with their account. Anyone who gets this ID can use it to check for meetings in progress and join using it.
Always hide your private Zoom ID and opt to use randomly generated meeting IDs specific for that meeting only. That way, even if it falls into the wrong hands, they can only disrupt one meeting, not all. To do this, make sure to set the “Use Personal Meeting ID when scheduling a meeting” option is set to OFF.
The other option is to only share meeting IDs through private channels. Rather than posting them on Whatsapp and Facebook groups, invite each participant individually to keep the circle as small and trustworthy as possible.
2. Set passwords on your meetings
Having a meeting online without password protection is foolhardy. It leaves you exposed to anyone snooping around or who somehow finds your meeting ID. Coupled with the security issues associated with the PMIs, an unprotected meeting is the most vulnerable.
Zoom gives you the option to protect every meeting with a unique password that every participant will need to enter before joining. The host can require this password for every meeting through the “Require meeting password” option. It is on by default, so be sure to leave it that way.
You will still need to share the meeting password with the participants, which you need to do responsibly. If you share the ID and password at the same time and the information leaks out, then you defeat the whole purpose of having a password in the first place.
3. Set up a waiting room
A waiting room is exactly that – a digital space where meeting participants wait to be admitted into the meeting. When you’re ready, you then admit everyone manually into the meeting. That way, you maintain full control of who is in the meeting.
However, this option is cumbersome, especially for large meetings even though it is great at ensuring full control over the meeting. Once everyone who was expected to be present has joined, you can then “Lock” the meeting so that nobody new can badger in.
In the case of a large number of participants, you can use the “Join before host” setting. The way it works is that even if the time of the meeting arrives and the one who set it up has not joined, then no one else can.
If there are no privacy concerns, checking this box ensures the meeting can go ahead without you. However, if you want to ensure no one arrives before the party starts, set it to OFF to ensure no one joins before you.
4. Restrict participant powers
As the host, Zoom gives you absolute powers to restrict and control what happens during the meeting. For one, you can moderate participants and what they can do.
- Disable screen sharing – Given that most zoombombers only seem to be interested in sharing pornographic material, restricting screen sharing for all participants means that no one will be able to spoof the meeting with such content even if they were able to join.
- Turn off file sharing – Zoom has already turned off this feature due to security vulnerabilities, but in case it ever resumes, don’t use it anyway. Go for more secure file sharing platforms such as Google Drive and Box.
- Remove problematic participants – We have already seen cases of Zoom meeting participants who embarrass themselves by being drunk, doing inappropriate things thinking they are invisible, and others who deliberately make life harder for the rest. Remove them and disable the “Allow Removed Participants to Rejoin” option.
5. Set out best practices at work
Even with the most secure Zoom practices, people can still become a vulnerability. This is especially true of participants who are not very literate in digital matters.
If you are to cover all fronts, make sure you have a Zoom meeting policy stating out what security protocols apply. You should also set out guidelines for how you expect participants to act, dress, speak, and otherwise behave during the meeting.
for read more see : https://www.cnbc.com/2020/02/26/zoom-has-added-more-users-so-far-this-year-than-in-2019-bernstein.html
Safety in Online Business: Partner with Zeg Solutions
Impulsive solutions to disasters, such as Zoom, are inevitable. However, they also pose a major security risk to any business. Given the sensitive nature of discussions and personal data shared not only on Zoom but on other social platforms, you need a trusted IT partner to hold your hand through such transitional periods.
Zeg Solutions headquartered in Houston, Texas, has handled enterprise-level security and information technology solutions for decades now. We know how to keep your business safe online and offline, even in such uncertain times. Partner with us and let us bring you secure solutions to keep your business running through and after the pandemic.
Please feel free to contact our team for a consultation:
Phone: 713-903-3271
Email: [email protected]
