10 Tips to Increase Zoom Security
Photo by Glen Carrie
Follow these tips to keep your Zoom meetings more secure - and reduce the chances of a Zoom-bomb participant disrupting the call. Zoom also produced a "best practices" guide for securing Zoom meetings.
1: Password protect meetings
Passwords add a layer of security to your Zoom meetings. Passwords can be set at the user, group, or account level. Account owners can also enable passwords by default for all future meetings and webinars on their account (see Zoom's support guide on meeting and webinar passwords).
2: Disable "join before host"
Make sure nobody else joins the call before you, the host. This should prevent issues with zoom-bombing and anyone that tries to abuse the call (see Zoom's support article on enabling/disabling join before host).
3: Lock down your meeting
Once all your participants have joined and the meeting is ready to start, lock your call. Simply press the Security button then select Lock Meeting (see: in-meeting security options).
4: Use randomly generated IDs - and never share your meeting ID publicly
Avoid using your personal meeting ID if possible - and definitely don't share it publicly as this allows anyone to try to join your meetings. It allows attackers that know it to disrupt your sessions. Instead, use a randomly generated meeting ID for each event (see: what is a Meeting ID).
5: Use waiting rooms
This feature allows hosts to screen participants before they enter the meeting. Whilst it might seem overkill for regular meetings, it gives the host full control over who can join the meeting. This can prevent uninvited guests from disrupting your call (see waiting Room).
6: Disable chat if it's unhelpful
Although the in-meeting chat feature can be useful in some meetings, if it's getting annoying, just disable it (see controlling and disabling in-meeting chat).
7: Regularly install updates
This goes for all software, not just Zoom. New vulnerabilities are discovered regularly - and attackers are quick to exploit them. By keeping your software up-to-date you're keeping yourself safe and protected against the latest known vulnerabilities. On default settings, your OS should automatically check and notify you when updates are available (see updating Zoom).
8: Disable participant screen sharing
To prevent any participants from sharing potentially inappropriate content, disable all participants from screen sharing. This can be accessed from the Security button then make sure Share Screen is un-ticked (see: in-meeting security options).
9: Authenticate users
Zoom has a feature to only allow users that are logged in to join your meeting. You can also take this one step further and require participants to register before they can join (see meeting registrations).
10: Remove nuisance participants
If, despite taking all the above steps, you still have an annoying participants that's disrupting the call, you can remove them. There's also a feature to enable/disable removed participants from re-joining the call (see Allowing Removed Participants or Panelists to Rejoin).
Recent
Top 10 Web App Security Risks
-
OWASP Top 10: Intro
-
OWASP Top 10: Injection (A1:2017)
-
OWASP Top 10: Broken Authentication (A2:2017)
-
OWASP Top 10: Sensitive Data Exposure (A3:2017)
-
OWASP Top 10: XML External Entities (XXE) (A4:2017)
-
OWASP Top 10: Broken Access Control (A5:2017)
-
OWASP Top 10: Security Misconfiguration (A6:2017)
-
OWASP Top 10: Cross-Site Scripting (XSS) (A7:2017)
-
OWASP Top 10: Insecure Deserialisation (A8:2017)
-
OWASP Top 10: Using Components with Known Vulnerabilities (A9:2017)
-
OWASP Top 10: Insufficient Logging and Monitoring (A10: 2017)