Hello and welcome to Think Cyber Secure! Firstly, I want to say thank you reading. I know how valuable your time is, so thank you for choosing to spend some if it with us.
Don’t want to read this post? Listen to the podcast instead:
In the last year, virtual meeting tools have exploded in use, Zoom being one of them.
However, like most software or services, Zoom doesn’t come with many of its security features turned on by default. It’s not all that clear on what you should enable, either.
This lack of security in meetings was evident earlier this year with all the Zoom-bombing incidents.
If you don’t remember what those were, Zoom-bombing was when someone would successfully attempt to connect to a random meeting with the intent to disrupt the meeting. Some were innocent disruptions; others were a bit lewder.
Since many sessions weren’t using many of the security features, Zoom-bombings were quite successful, hence all the media coverage at the time.
I’m sure you can imagine what the impact could be if someone were Zoom-bombing with more malicious intent than just interrupting your meeting.
So, how can you set up your Zoom account to ensure it’s secure and not become a victim of a Zoom-bombing incident?
We have eight things you can do to ensure your Zoom meetings are secure.
Turn on the waiting room
The waiting room feature puts all attendees who join your meeting into a virtual waiting room instead of directly into the meeting.
Once in the waiting room, the meeting host can manually admit each one, ensuring those in the meeting should be there.
Add a strong password to your meetings
Two things made Zoom-bombing successful. The first was no meeting waiting rooms; the second was no meeting passwords.
As you can expect, a meeting password restricts attendance in your meeting to only those who have the password.
Lock the meeting
Once all attendees are in, lock the meeting. Once locked, nobody else can join, even if they have the password.
Locking the meeting adds an extra layer of security once your meeting is in progress, just in case someone else has the meeting details.
If you’re talking about anything confidential, turn on end-to-end encryption and avoid using their “enhanced encryption” setting.
End-to-End encryption ensures nobody can snoop on your conversation because the meeting is encrypted from one participant to the other.
Disabling their “enhanced encryption” setting ensures the encryption keys – essentially the password that encrypts your communication – are stored on your computer, not the cloud. When the keys are stored on your computer and not in the cloud with Zoom, it ensures that even Zoom can’t decrypt and listen in on your meeting.
Of course, this will break some features, such as meeting recordings, where Zoom needs to listen in to record the meeting.
Suppose you want to use one of those features. In that case, you will need to consider the risk of reducing security vs. the value of the feature and make the decision for yourself, of which one takes priority.
Let Zoom generate random meeting IDs for you
By default, Zoom creates you a personal meeting ID that doesn’t change unless you manually change it. Creating meetings in Zoom with auto-generated meeting IDs makes meeting IDs for each meeting.
Because the meeting IDs only work for that meeting and make it harder for someone to join unexpectedly or maliciously.
Also, because each meeting has a unique number, anyone joining early for your next meeting can’t disrupt or listen in on your current meeting.
Don’t share the password publicly
Sharing the meeting ID and the password publicly defeats the benefit of using a password.
You may not intend to have a disruptive attendee when you’re sending invites; however, there is one disruptive attendee every so often.
Limit hosts to only yourself, and disable attendees’ option to rejoin, share their screen, and mute everyone. These options reduce the chances of an attendee being disruptive. If an attendee becomes disruptive, you can remove them from the meeting, and they can’t rejoin.
Avoid file transfers
If you need to transfer files, use a file transfer service you trust rather than Zoom, especially if you have one that’ll scan and ensure files transferred are safe.
Those are eight things you can do to ensure your Zoom meetings are not only secure but also free from disruptions like Zoom-bombing.
So, are there any features here that you think might help your business better secure your Zoom account?
At Think Cyber Secure, we uncover the hidden gaps that cause cyber risk, and develop an action plan that will eliminate the stress and frustration resulting from cybersecurity.
If you’re interested in improving the cybersecurity of your business, then be sure to subscribe and follow along with us.
The goal of the blog and podcast is to help you, as a business owner, an entrepreneur, a freelancer or whatever you may be make your business more cyber secure with detailed tips and information each and every week.
To be sure you’re notified when we publish another post and to get access to other resources as well, subscribe to our mailing list.
Are you stressed about your business’s cybersecurity?
Subscribe to follow along with us, as well as receive tips and information on how to keep your business cyber secure!
Again, thank you so much for reading!