Almost all video conferencing programs available have some sort of vulnerability, and Zoom is no doubt no exception. however, Zoom users can do a few things to make their next conference call a little more secure.
Take proactive measures
None of us are fully immune to cybercrime, even minor crimes like Zoombombing. But being aware of security risks and taking proactive measures to protect yourself can significantly reduce your chances of becoming a victim.
Although Zoom has recently taken steps to make its software more secure by adding new security features and enabling certain default settings, it is your responsibility to ensure that these features are enabled and that your video conference is as secure as possible.
All of the following options can be turned on or off in your Zoom Account Settings page.
Require password to attend meeting
Require password for join your conference call is your first layer of defense. Without that, almost anyone can join – and we mean almost anyone. If your meeting is indexed, protecting it with a password will prevent uninvited people from intervening.
It should also be mentioned that Zoom provides functionality to integrate a password in the invitation link. We do not recommend it because anyone with the link can participate. If it ends up in the wrong hands, an unexpected guest may appear.
Here are the password settings offered by Zoom:
Require password when scheduling new meetings
Require password for instant meetings
Require password for Personal Meeting ID (PMI)
Integrate passwords in the meeting link for one-click participation (not recommended)
Password required for participants who join by phone
To access these settings, go to your profile settings page in your web browser and make changes to your account.
Activate a waiting room
The Zoom waiting room is your second layer of defense. If someone gets hold of your conference link and that conference is not password protected, it will still be placed in a virtual waiting room and must be allowed to enter.
You can also find the “Waiting room” setting on your profile settings page.
Do not use your PMI for public meetings
Your personal meeting ID is the meeting that is started by default. This meeting is, in theory, perpetually underway. This means that if someone gets your PMI, they can join your session whenever they want. You should only use your PMI for private meetings and not send it to the public. The fewer there are, the better.
Make sure that the settings that use your default PMI when scheduling a meeting or starting it instantly are disabled in your settings page.
Ruler with an iron fist
Do not let anyone start the meeting before your arrival, the host. Period. This prevents uninvited guests from jumping on you. But keep in mind that if you disable the “Join before host” setting, it’s always best to be fast. Keep uninvited guests away, but don’t let important customers or colleagues wait.
Know who joins
Zoom to a setting you can activate which prevents unauthenticated users from joining a meeting via the web client. This means that users will need to register their name and email address before they can participate, which will let you know exactly who is joining the meeting.
Lock your meeting
If all of the expected attendees are in the meeting room, go ahead and lock the meeting so that no one else can enter. During the meeting, you will see a “Security” button at the bottom of the screen. Select the button, then click on the “Lock Room” option in the context menu.
Evict someone from your meeting
If someone arrives in your conference room, you can delete them by hovering over their name in the right pane and then selecting the “More” button.
In the menu that appears, select the “Delete” option.
Then you need to turn off the setting for your Profile Settings page which allows deleted participants to re-register. Once you get rid of the intruder once, you get rid of it for good.
Disable communication features
One of the advantages of Zoom is that it offers participants several options for communicating with each other. However, if an uninvited person joins your conference call, they can use these features to harass participants. If you, the host, will be the only member required to communicate, disable these features:
Speaking participant (cut everyone’s microphone)
All of these features are, again, in your profile settings using the web browser.
A determined cybercriminal is difficult to deter, but don’t just sit back and do nothing while people take advantage of you. Good cybersecurity starts with you – always be ready.