Increasingly more people are remote working and many are using the videoconferencing platforms for meetings and training. There is a range of virtual conference solutions out there, including Skype, Microsoft Teams, GoToMeeting and of course Zoom.
Zoom has around 300 million daily meeting participants!
It also has security issues like “Zoom bombings” where uninvited guests may show up at meetings and another more “creepy” vulnerability which left millions of users exposed, which offered access to user’s cameras and microphones.
So how do you make sure that you are following security best practices to keep you and others safe during zoom meetings?
Here is a list of Zoom security best practices to follow when hosting a meeting.
Turn on Your Waiting Room
By turning on the Waiting Room feature, you’ll be able to control who enters your meeting (you must be an account administrator to access this setting). You’ll be able to see who is waiting to join and can admit them or remove them. If you don’t recognize the individual trying to join the meeting, you can remove them, and this will prevent them from joining back in.
Join Before Host
Do not allow others to join a meeting before you, as the host, have arrived. You can enforce this setting for a group under “Account Settings.”
Don’t Use Personal Meeting ID for Public Meetings
You should not use your personal meeting ID if possible, as this could pave the way for pranksters or attackers that know it to disrupt online sessions. Instead, choose a randomly generated ID for meetings when creating a new event. In addition, you should not share your personal ID publicly.
Require Password to Join
A good way to prevent unwelcome guests from joining your Zoom meeting is to require participants to enter a passcode before logging onto the meeting. For instance, if someone outside of your organization or group gains access to the Zoom meeting link you’ve generated, and a passcode is not required, they could potentially access confidential information. Passcodes prevent such intrusions.
Here’s how to require a passcode:
- Go to “Account Management” > “Account Settings”
- Under “Security” you can toggle on the passcode feature if it’s not already enabled
- You can also lock this feature so that a passcode will be required for all of your account users whenever they set up a meeting or webinar
Lock the Meeting
Once a session has begun, head over to the “Manage Participants” tab, click “More,” and choose to “lock” your meeting as soon as every expected participant has arrived. This will prevent others from joining even if meeting IDs or access details have been leaked.
Keep Zoom Updated
Always remember to keep your zoom software updated. In order to check, open the desktop application, click on your profile in the top-right, and select “Check for updates.”
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.