Due to the ongoing pandemic, there has been a dramatic increase in the use of online video conferencing. This of course has created a new opportunity for hackers, and some have taken advantage of default lax security protocols and are joining meetings uninvited.
This seems to be specifically prevalent on the Zoom video platform, which is being heavily leveraged by businesses, individuals, public school systems and higher education.
The media has dubbed this video conference hacking "ZoomBombing". The last thing you want is to start a meeting and find unwanted guests there. Some have been known to share their screens and display pornography, hateful graphics and/or words, profanity and more.
Here are some security best practices to protect your Zoom meetings:
Under Advanced Options when you create or edit a meeting:
- Uncheck "Enable join before host" in the meeting options to prevent anyone from joining the meeting before the host arrives. This way, nothing goes on before the meeting starts that the host isn't aware of.
- Consider enabling "Mute participants on entry" to prevent things from being said or overheard before you actually start the meeting. This also prevents things from getting too busy before you lay out the ground rules for the meeting.
Under your Profile, Settings, View Advanced Features (which takes you to Zoom in your browser):
- Consider enabling "Only authenticated users can join meetings" or "Require a password when scheduling new meetings" which will prevent an unwanted person from joining the meeting if they somehow find the invite link. Just be sure you communicate the password separately from the meeting invite.
- Consider enabling the "Play sound when participants join or leave" the meeting. This way, you know if someone comes or goes and if everyone is already there, it's a good indication a Zoombomber may be lurking. However, it may be annoying so experiment with this carefully.
- Turn off "File Transfer" so there is no possibility of any malicious content sharing.
- Turn on "Disable desktop/screen share for users" so that no one is able to share content from their device. You can always enable it for a particular participant that you want to be able to share something with everyone on the meeting.
- Also consider setting "Who can share?" to Host Only so no other meeting participants can inadvertently put something on screen for all attendees to see.
- Disable "Allow removed participants to rejoin" the meeting. This way, if you have to boot someone from the meeting, they can't sneak back in.
Finally, install updates for the Zoom app whenever they are available.
These settings will allow you to keep you meeting mostly secured from a potential ZoomBomber. I say mostly, because nothing is every 100% when it comes to cyber-security. Zoom has currently stopped all work on feature requests for the time being so they can focus on making sure the platform is as secure as possible to combat the ZoomBombing phenomenon.
For more information on Zoom's advanced security options, please visit their support page at: https://support.zoom.us/hc/en-us/articles/360034675592-Advanced-Security-Options
Be well and Stay Safe!
Founder, Interim Vision Guardian
WEBIT Services, Inc.