A Safer Zoom Call
Posted on 11th May 2020 at 11:22
With the continuing growth of remote working, many are using Zoom to allow them to host meetings and keep in touch with family and friends.
Like many systems that we all use, there are some best practices that will make the use of that software more efficient and secure, which is particularly an issue with Zoom as rather dubious sources have been invading peoples calls by ZoomBombing and sharing very upsetting media to those on the call.
In this document, we cover a few things that will help you to Zoom safer.
Before Your Meeting
Protect your account
A Zoom account is just another account, and in setting yours up, you should apply the basics of account protection: use a strong and unique password and protect your account with two-factor authentication (only available through paid versions).
Hosting Public Events
When you share your meeting link on social media or other public forums, that makes your event … extremely public. ANYONE with the link can join your meeting.
In all cases, avoid using your Personal Meeting ID (PMI) to host public events. Your PMI is basically one continuous meeting and you do not want random individuals crashing your meeting.
You don’t have to share the actual meeting link! Instead generate a random Meeting ID when scheduling your event and require a password to join. Then you can share that Meeting ID on Twitter/Facebook etc but only send the password to join via a designated method to attendees - either DM, email or text.
Use your work e-mail to register with Zoom
To register with Zoom, use your work e-mail - that way, you do not divulge personal details to the Zoom platform, which Zoombombers may be able to access. Sharing your work contact details with your real colleagues should not be a big deal.
If you do not have a work e-mail, then create an email from a specific source with a well-known public domain to keep your personal contact details private.
Do not fall for fake Zoom apps
Many Cyber Criminals are utilising the pandemic to increase their revenues and the number of malicious files incorporating the names of popular video conference services (WebEx, GoToMeeting, Zoom, and others) in their filenames has grown dramatically, trying to disguise malware as video-conference clients.
We do not want you to fall for it so make sure use Zoom’s official website — zoom.us — to download Zoom safely for Mac and PC and go to the App Store or Google Play for your mobile devices.
Do not use social media to share conference links
In many places, online events are the only type of public events available these days, so Zoom is attracting more and more people. But even if your event is truly open to everyone, you should avoid sharing the link on social media.
You have probably heard about so-called Zoombombing. It’s a term TechCrunch journalist Josh Constine coined to describe trolls disrupting Zoom meetings with offensive content.
Where do the trolls get information about upcoming events?
On social media! So, avoid publicly posting links to Zoom meetings. If for some reason you still need to, make sure you do not enable the Use Personal Meeting ID option.
Stick with the Web client if possible
The various Zoom client apps have demonstrated a variety of flaws. Some versions let hackers access the device’s camera and microphone; others let websites add users to calls without their consent. Zoom was quick to fix these problems, as well as other, similar ones, and it has stopped sharing user data with Facebook and LinkedIn.
However, given the absence of a proper security assessment, Zoom apps likely remain vulnerable, and they may still employ shady practices such as sharing data with third parties.
During Your Meeting
Your meeting has obviously been created for a specific reason and you want your attendees who could be - friends, family or work colleagues to be able to meet safely and securely. The following tips will help you to do this.
Allow only signed-in users to join
If someone tries to join your event and is not logged into Zoom with the email they were invited through, they will receive this message:
This is useful if you want to control your guest list and invite only those you want at your event — other students at your school or colleagues, for example.
Lock the meeting
It is always a good idea to lock your front door, even when you are inside your house. When you lock a Zoom Meeting that has already started, no new participants can join, even if they have the meeting ID and password. Not only will this protect from others joining keeping your meeting more safe and secure, it will encourage people to attend on-time!.
Manage screen sharing
The first rule of Zoom: Don’t give up control of your screen.
You do not want random people in your public event taking control of the screen and sharing unwanted content (ZoomBombing) with your attendees. Instead, restrict this to ensure only those who are authorised get to share their approved content.
Remove unwanted or disruptive participants
In the event that some one is causing disruption, you can remove them from the meeting: from that Participants menu, you can mouse over a participant’s name, and several options will appear, including Remove.
Allow removed participants to re-join
When you do remove someone, they cannot re-join the meeting. But you can toggle your settings to allow removed participants to re-join, in case you boot the wrong person out of your meeting. We would recommend ensuring that this is done with caution.
Put Them on hold
You can put everyone or the disruptive participant on hold, and the attendees’ video and audio connections will be disabled momentarily. Click on someone’s video thumbnail and select Start Attendee On Hold to activate this feature. Click Take Off Hold in the Participants list when you’re ready to have them back.
Hosts can turn an attendee's video off. This will allow hosts to block unwanted, distracting, or inappropriate gestures on video
Hosts can also mute/unmute individual participants or all of them at once. Use this to block unwanted, distracting, or inappropriate noise from other participants. You can also enable Mute Upon Entry in your settings to keep the clamour at bay in large meetings, which will keep you in control.
Turn off file transfer
In-meeting file transfer allows people to share files through the in-meeting chat. Toggle this off to keep the chat from getting bombarded with unsolicited pics, GIFs, memes, and other content which could be unsavoury.
Turn off annotation
You and your attendees can doodle and mark up content together using annotations during screen share. You can disable the annotation feature in your Zoom settings to prevent people from writing all over the screens.
Disable private chat
Restrict participants’ ability to chat amongst one another while your event is going on and cut back on distractions. This is really to prevent anyone from getting unwanted messages during the meeting.
Our Recommended Choices
Making sure that your Zoom meeting is as safe as possible should be your prime objective: this will allow your delegates to be engaged in the right content and avoid ZoomBombing.
Adopt the following settings as a minimum to make a safer meeting: -
Send meeting invites by email to your delegates.
Ensure your meeting has a password.
Allow only signed-in users to join.
Put Them on hold, to allow you to see who's trying to join.
Manage screen sharing so only those hosting can share their desktop.
Remove unwanted or disruptive participants.
Lock the meeting 10 minutes after it starts to stop Zoom Crashers.
The settings discussed are for paid for Zoom Versions only.
You may wish to be more stringent and adopt other settings discussed in this article to make your meetings safer.
Remember you are connecting to the internet and sharing your personal information, always use caution.
From specialists with over 25 years of experience within data management and protection we help you protect your business and the data within it as part of an ongoing journey.
Call: 02890 022344 - Email: firstname.lastname@example.org
Tagged as: Avoid Cyber Criminals, Cyber Awareness, Safer Zoom Meeting, Stay safe online, Zoom, Zoom Bombing
Share this post: