In the midst of the global pandemic that is COVID-19 (which is certainly not caused by 5G), more people work remotely and use Zoom for video conferencing. However, they face a security issue called “Zoombombing”. What is it and how can you stop it?
What is Zoombombing?
“Zoombombing” is when an uninvited person joins a Zoom meeting. This is usually done in order to gain some cheap laughs at the expense of the participants. Zoombombers often launch racial slurs or profanity, or share offensive pornography and other images.
This problem is not necessarily a security breach. The problem is how people handle links from public Zoom meetings. These links are shared thousands of times between clients, friends, colleagues, classmates, etc. Careless handling of these can result in a Zoom meeting open to the public. Then anyone who finds the link can join an ongoing meeting.
Links to public Zoom meetings have even been reported in the results when people search for “zoom.us” on Google. Anyone who finds such a link can join this meeting.
And yes, Zoombombing is illegal in the USA.
How to protect yourself
It didn’t take long for Zoom to react to Zoombombing. On April 5, 2020, the company announced that certain features that could improve security would be enabled by default. However, it is better to be proactive and take the necessary steps to protect yourself.
Zoom has a menu of settings that you need to visit before you start a meeting. After logging into the Zoom website, click the “Settings” tab in the left pane.
You are now in the “Meeting” tab of the settings menu.
Features to disable
There are many useful features here, but we recommend that you disable the following to protect your meeting:
“Incorporate the password in the meeting link for one-click participation”: This encrypts the password in the “join the meeting” link. To join a meeting, just click on the link, which goes completely against the goal of requiring a password. Disable this feature for security reasons.
“Screen sharing”: This allows the host and participants to share their screens during the meeting. You can either turn this off completely, or allow only the meeting host to share their screen. Disabling this option prevents users from sharing inappropriate content during the meeting. They should actually hold an image in front of the webcam, rather than simply removing it from their desktop.
“Remote control”: This allows someone who shares their screen to let other participants take control of their system remotely. Disable this feature if you don’t need it.
“File transfer”: Allows meeting participants to share files in the chat room. Disable this option if you do not want files to be shared. You can also select the “Allow only specified file types” option to ensure that users can only share certain file types.
“Allow participants to rename themselves”: If a Zoombomber does not have access to the chat room, it can get its message across by typing it as its name. Disable this option to remove this option.
“Join before host”: This allows people to join a meeting before the host arrives. Don’t let Zoombombers beat you at your own meeting. It is disabled by default.
“Allow deleted participants to re-register”: If this option is enabled, participants that you exclude from a meeting can join. Disabled so that once a Zoombomber is gone, it is gone for good. It is disabled by default.
Features to activate
Here are some features that we recommend you activate to improve your security:
“Mute participants at the entrance”: If someone does Zoombomb at your meeting, you can close it before they even have a chance to speak. You can decide later who can speak.
“Always display the meeting control toolbar”: If you enable this option, you will have quick access to commands during a meeting.
“Identify participants invited to the meeting / webinar”: This identifies who belongs to your group, as well as all of the participants who join as guests.
“Waiting room”: Force all participants to experience Zoom Purgatory by placing them in a waiting room before they can join the meeting. The host can then decide whether to join or not. As of April 5, 2020, this feature is enabled by default.
“Require a password when planning new meetings”: Force users to enter a password before they can join a meeting. In this way, even if someone finds the link, they cannot participate without the password. This is also now enabled by default.
It’s up to you to protect yourself and your meetings. While these options are not necessarily bulletproof – if someone shares a link and password publicly, you can still get a Zoombomber in the waiting room – they offer great protection.
Always be proactive and make security and privacy your top priority when using Zoom.