During the first months of the last year, Zoom was a little known video conferencing platform with a few million users. However, the spread of Coronavirus across the globe forced businesses and organizations to make changes in their working models. Among them was adopting remote working practices, fostered by several communication and collaboration tools. This is where Zoom's popularity surged, with remote workers using the tool to conduct virtual meetings.
However, the explosive popularity of Zoom created several cybersecurity ramifications. The unexpected growth exposed the platform to various security faults, vulnerabilities, and hackers. That said, below are some of the best practices to keep your Zoom meetings secure.
- Know Your Zoom Package
Most Zoom users are unaware of the various types of Zoom accounts available. However, like most applications, Zoom has different packages with varying powers and privileges. For instance, the free basic account allows unlimited one-on-one meetings and 40-minutes meetings between more than three people.
The next tier is the pro-account, which gives users administrative powers, such as extending meeting limits and enabling or disabling the ability to record the meeting. Regardless of the package used to host meetings, being familiar with each tier's settings allows users to maximize security and avoid disruptions.
- Protect Your Zoom Account
Zoom accounts are just like any other accounts created on regular applications. Therefore, you should adopt the basic measures required to protect the account. Using a strong password with unique characters is probably what everyone should do. Zoom also introduced the two-factor authentication feature, which provides an additional layer of protection.
That aside, make use of the zoom specific personal meeting ID. Unlike other platforms, Zoom provides a unique personal meeting ID to every user. Since you can create public meetings with a personal meeting ID, users can easily leak their identification. Therefore, share your personal meeting ID with caution. Otherwise, any person with your ID can join your meetings or use your ID with ill motives.
- Don't Share Meeting IDs Publicly
This is a key security tip for users looking to maximize privacy in their meetings. Sharing your unique meeting ID on public forums makes it susceptible to cybercriminals. In most cases, Zoom meetings have public links that allow anyone to join the meeting. Sharing these links makes it easy for hackers to join and Zoombomb the meeting. Apart from meeting IDs, don't share your Zoom details publicly. This helps mitigate the origin of various Zoom security risks.
- Password Protect Your Meetings
Zoom users should use this default practice in the platform. All Zoom meetings have an entry ID or link and a password that users should have before joining the meeting. However, such security measures are only effective if users enable them. Besides not sharing your meeting ID and Zoom details publicly, set unique passwords to your meetings. Otherwise, hackers can find their way into your meeting. Fortunately, Zoom passwords can be set at individual meetings, users, groups, and account levels.
- Use a Registration System
Making use of registration systems is another important security measure that prevents sharing your meeting ID with the public. Organizers of Zoom meetings can use registration systems from various tools, such as Eventbrite, to register the details of those who want to attend the session. Interested persons who register with their details are sent meeting IDs and passwords as a private message to gain access to the meeting.
This practice adds a security layer to your Zoom meetings, as the host can monitor and verify who is being added to the meeting. It also helps meeting moderators double-check the participants of the meeting.
- Make use of Waiting Rooms
Waiting rooms are a beneficial feature that Zoom has adopted in its latest security updates. Just like registration systems, it is a good way of double-checking the participants of the meeting. To enable this, after scheduling a meeting, click on the settings and proceed to advanced settings. Among the options include a menu that can be checked to enable waiting rooms.
As the name suggests, participants looking to join the meeting will be directed to a virtual waiting room, where the host can vet and allow participants individually. Besides providing additional protection, virtual waiting rooms give the meeting host a chance to organize the meeting before participants join. For instance, sharing the right screen and managing participants' powers.
- Limit Participants' Powers
Hosts of Zoom meetings can restrict every participant’s powers during meetings. This is a good practice as it helps tame troublesome members. For instance, hosts can mute all attendees to minimize disruptions. As the host, you can enable while scheduling for the meeting, under the "advanced options" tab, where the waiting room settings are located. The settings can also be changed once you have begun the meeting.
Depending on the number of people attending your meeting, you can give some members privileges, such as allowing them to moderate, monitor, or mute other participant's actions. This is important, especially if the host is busy presenting in the meeting. However, for such, the co-host should have a Pro-zoom account.
- Use Zoom's Web Client Version
The introduction of multiple Zoom client applications also increased the flaws with this application. For instance, some versions allow hackers to access the user's microphone and camera, while others have manipulations that allow websites to add participants to calls and meetings without the host's consent. While Zoom quickly stepped up and fixed these initial problems, multiple client apps remain highly vulnerable.
That said, cybersecurity experts recommend the use of Zoom's original web-platform instead of downloading apps on your devices. The web version operates from the browser's Sandbox, which lacks permissions that installed applications have. This limits the scope of harm it can cause.
- Watch Out for Fake Zoom Apps
With the increased use of remote communication tools, cybersecurity experts noted a similar increase in malicious files using the names of popular video conferencing applications, including Zoom, Webex, GoToMeeting, and others. The filenames of these malicious applications had tripled by March last year compared to the numbers before the pandemic began.
This means hackers released several fake versions with disguised malware, looking to take advantage of these applications' popularity. That said, be cautious when searching and downloading Zoom and any other videoconferencing tools. To be sure, use Zoom from its official website. For downloads, use your smartphone's App Store or Google Play for original versions.
- Lock Your Meetings
Locking a meeting once it has begun is another additional security measure that prevents Zoombombing. Just like locking your front door at night, locking your meeting prevents other participants from joining, regardless of whether they have a password or not.
To enable this feature, click on the "manage participants" after starting the meeting. You should then choose the "more" icon from the sidebar and click on the option to lick the meeting. This can be activated immediately after the meeting has started for private meetings. However, give an allowance of 10 minutes for public meetings to allow late entries.
Companies frequently using Zoom for their meetings should take advantage of the following tips to secure their sessions. However, these measures won't be effective if employers don't educate employees on these practices. For instance, advise your employees to avoid sharing their meeting IDs, passwords, and links. Making your Zoom meetings safe is a collaborative effort between the hosts and participants.