But this popularity has also shone a light on some of the platform’s security risks.
The use of Zoom video conference software has increased 378% since the coronavirus outbreak.
A new term that has come into the zeitgeist as a result of the security vulnerabilities and significantly increased use of the application is “Zoom-bombing.”
The Zoom-bombing phenomenon has caused school districts, governments, and other organizations to stop use of the video conference platform and seek other solutions due to IT security worries.
However, the same things that plagued Zoom’s meeting security can also be found in other platforms, it’s just that Zoom became the most popular.
This is due to its ease of use, low latency (meaning video and audio have fewer lag time problems), and the fact that it has a free-to-use option.
What is Zoom-Bombing?
You can imagine what a security problem it would be if your company were having a morning meeting via video conference and suddenly a stranger joined the meeting and hijacked the screen sharing app to show an inappropriate image.
Zoom-bombing has become a big problem due to the intense reliance on video conferencing during social distancing orders and the fact that many troublemakers have extra time on their hands.
What happens is that online video meetings are not properly secured, and “gate crashers” . Join a meeting uninvited to cause disruptions like shouting profanity or hate speech or showing inappropriate images.
But you don’t have to completely stop using Zoom or other video conference tools if you know the right settings to use to secure your online meetings.
How to Set Up Your Video Conferences for Privacy
A good sign that Zoom can still be used safely is that their company immediately addressed security problems by halting all other development.
They focused solely on pushing out security updates once reports of Zoom-bombing began to occur. Some of the improvements made to the platform include:
- Defaulting the app to more secure meeting settings instead of less secure
- Removing the meeting ID from the top of the window (which was accidentally being broadcast via screenshots)
- Increasing backend security and patching vulnerabilities
- A plan to add a “report user” button in late April 2020
Here are the settings you need to use to protect your online meetings and use Zoom (or another platform) securely.
Use a Randomly Generated Meeting ID
Zoom assigns users their own meeting ID that stays the same. It’s meant to make it easier for recurring meetings because you don’t have to send out the ID every time.
But keeping the meeting ID the same increases the risk a Zoom-bomber will latch onto it and use it.
It’s much safer to use the option to generate a new ID for your meeting, so each one has a different URL and different sign in.
Password Protect Meetings
Just about every video conferencing software will give you the option to password protect your meetings. While this may have seemed like an unnecessary step prior to the pandemic.
Zoom-bombing has made this an important security setting that you should use for every meeting.
Keep Users in the Meeting Waiting Room
You can gate-keep your online meeting by only allowing the organizer/presenter into the meeting automatically and having everyone else stay in the waiting room.
The organizer has to physically approve participants to enter the meeting. If they see an unauthorized user, they can keep them out.
Lock the Meeting
In the participants area of Zoom there is a lock meeting option. This is a great safeguard to use if all invited participants have already joined the conference.
Locking the meeting stops any newcomers from joining, even if they have the meeting password. So you’ll want to make sure everyone is there before clicking on the lock.
Limit Screen sharing/Annotating Activities
Two features that Zoom-bombers have been known to exploit are the screen sharing and annotating (or doodling) feature of video meeting apps.
You want to set up your meeting so that only the presenter has the ability to use these. You can always grant permission to individual users once the meeting has already begun and been locked.
Make Sure Everyone Updates their Zoom App
Zoom can be used on desktop and mobile. So you want to be sure that wherever employees use it that they’ve updated the application, and keep it updated regularly.
This will ensure that the new security features being rolled out by Zoom for both frontend and backend protection are applied and active for all users.
Need Help Securing Your Cloud Platforms?
Cloud applications like Zoom can often pose a security risk if cybersecurity isn’t properly addressed.
RCOR’s experts can help you ensure that your cloud infrastructure isn’t posing any unnecessary risk for your business.
Contact us today to schedule an IT security consultation. Call 919-263-5570 or contact us online.