With ongoing social distancing, video conferencing has quickly become a necessary avenue for business teams to come together. Zoom, one of a dozen popular video conferencing systems, has become a go-to platform for many, with daily users now numbering over 200 million, up from just 10 million in December 2019.1
With so many utilizing the platform – and some with little to do – video conferencing meetings have become another target for hackers. “Zoombombing,” when a malicious user joins a video meeting and reveals explicit or disturbing images to participants, has unfortunately become a regular occurrence.
Just as you wash your hands for 20 seconds to protect yourself, following these tips will help protect you from hackers2:
- Refrain from using your personal meeting ID for each call. Instead, use a unique, per-meeting ID that’s exclusive to each call. Zoom's support page offers a video walk-through on how to generate a random meeting ID.
- Enable the "Waiting Room" feature so that you can control who joins the meeting before providing them access. While it’s true that a skillful disrupter can sometimes bypass this control, every hurdle helps. Zoom offers a support article to enable the Waiting Room as well. To enable the Waiting Room feature, go to Account Management > Account Settings. Click on Meeting, then click Waiting Room to enable the setting.
- Password protect your meetings and only share with those that have been invited. In other words, don’t post the password on a website, or send an invite to anyone you don’t except to attend. Find out how to do so here.
- Disable meeting sharing abilities for non-hosts. This includes the ability for others to “Join Before Host,” screen-sharing for non-hosts and the “Remote Control” function. Disable all file transferring, annotations and the autosave feature for chats by clicking on the gear-shaped Settings icon on the upper-right side of the page after you've logged in. There, you'll see the option to turn off most of the listed features. To disable screen-sharing, go to the host controls at the bottom of your screen, and click on the arrow next to Share Screen. Then, click Advanced Sharing Options. Go to Who can share? Click Only Host, then close the window.
- Lock the meeting to outsiders once all participants are on. Once the meeting begins and everyone is in, lock the meeting to outsiders and assign two meeting co-hosts. The co-hosts will be able to maintain control should anyone unsolicited get into the meeting. If you do this, remember if someone gets dropped and attempts to get back into the meeting, the host/co-hosts will have to manually allow the person in, while still blocking unwanted guests. To set your co-hosts, go to the Settings icon, then the Meetings tab. Scroll down to Co-host and make sure it is enabled. If Zoom asks you for verification, click Turn On.
- Don’t record your meetings unless absolutely necessary. If you decide to record a meeting, make sure all parties on the call are aware that the meeting is being recorded and for what purpose. Be transparent, as a hacker could potentially access your recording at a later date. If someone feels uncomfortable, don’t record.
- Remember, not every meeting has to be a video conference. Every video and audio-conferencing platform will have a level of insecurity. While sharing your face via webcam is a great way to stay connected, it may not be appropriate for highly sensitive or confidential meetings. Be conscious of the potential for confidential content to be discussed and curb it when necessary. If having a meeting with just one other participant, it may be best to go with a traditional phone call. Imagine that.
Contact your HUB Cyber Security/Risk Services Specialist for more information on video conferencing security best practices and safeguarding communications with your staff during this time.