Zoom Security Best Practices

Keep Up with Zoom Updates!

Be sure to update your Zoom app on every device to ensure you have access to these new security features. 

How to Update:

Zoom Users: Update your Zoom App (Windows, Mac, iOS, Android) by visiting zoom.com/download.

Zoom Administrators: Learn more about managing this update in your environment for various endpoints:  https://support.zoom.us/hc/en-us/sections/201214205-Release-Notes

Please be aware that bad actors continue to exploit the current crisis. They will try to lure users to their thinly disguised domains by promising free tools and downloads, including Zoom. Don’t be fooled! Only download software from a trusted source.

——–

As users continue to rely on Zoom to connect with work, school, family and friends, etc., Zoom developers are continuing to enhance the usability and, more importantly, the security of this product.

Keep your meetings secure and productive!

Zoom unifies cloud video conferencing, online meetings, group messaging and a software-defined conference room solution into one, easy-to-use platform. Follow these guideleines to help keep your meetings more secure and productive.

General Security Best Practices

  • Don’t post Zoom links on a public website or in social media
  • Don’t use your personal meeting ID for meetings
  • Schedule your meetings at https://zoom.us to get the full set of security options for your meeting

Security Settings for Individual Meetings

  • Add a passcode to your meeting, then share that passcode with your guests via email. The passcode is required in order to enter the meeting.
  • Uncheck “Join Before Host” to prevent participants from joining or interacting before the host enters. Set an alternate host if you need a backup host.
  • Turn on the “waiting room” for your meeting so that you can monitor who wants to join your meeting before letting everyone in.

Main Zoom Account Settings

In your main zoom account settings (Log into zoom.us > My Profile > Settings) consider the following account-wide options:

  • To protect your meetings, screen sharing has been set to “host only” for everyone. (To always allow participants to share their screens in meetings you host, log into zoom.us go to Settings, and find “Who can share?”).
    • You can grant participants the ability to share their screen on the fly during the meeting by clicking the up arrow next to the “Share Screen” button.
    • Select “Advanced Sharing Options”
    • Change “Who can share?” to “All participants”
  • Disable annotation if you don’t need it. (log into zoom.us go to Settings, and find “Annotation”). This disables annotation for the host and all participants, so only do this if you don’t need annotation yourself.
  • Uncheck “File Transfer” unless you know this feature will be required
  • Uncheck “Allow Removed Participants to Rejoin” so that participants who you have removed from your session cannot re-enter
  • Enable “Virtual background” so that participants can obscure their surroundings from other viewers.

Security Settings During a Meeting

  • Once your meeting has started, consider the following options:
    • While you are sharing your screen, you can lock annotation so that participants cannot annotate by clicking on the “…More” button in the main toolbar, then choose “Disable Attendee Annotation”
    • Once everyone has joined your meeting, you can lock your meeting so that others cannot join. To do this, click on the “Participants” button in the main toolbar so that the participant panel appears. Look for the “More” button underneath the list of participants. Click the “More” button and select “Lock Meeting”. Even participants that know the meeting ID and password cannot join once a meeting is locked.
zoom bomb

How to Prevent Zoom Bombing

With Zoom becoming so popular for holding meetings it has also become popular for trolls to disrupt those meetings. Here are some tips to minimize disruption as you move business forward.

  • Don’t use your Personal Meeting ID for the meeting. Instead, use a per-meeting ID, exclusive to a single meeting.
  • Enable the ‘Waiting Room’ feature so that you can see who is attempting to join the meeting before allowing them access.
  • Disable Join Before Host, screen-sharing for non hosts. remote control function file transferring, annotations and the autosave feature for chats.
  • Once the meeting begins and everyone is in, lock the meeting to outsiders and assign at least two meeting co-hosts to help control the meeting.

What to do if a Zoom Bomber gets in

  • Lock them out. Go to the Participants List in the navigation sidebar, and scroll down to More, Click Lock Meeting to stop further participants from entering the meeting and to be able to remove participants.
  • Shut them up. You or your co-host go to the Participants List, scroll down to the bottom. and click Mute All Controls. This makes it so the unwelcome participant can’t use their microphone to disrupt your audio.