Now that we’re more than a month into far-reaching “stay at home” orders due to the COVID-19 pandemic, just about all of us have had a remote video meeting with friends, family or coworkers on the increasingly popular Zoom conferencing service. And that also means there’s a chance one of those meetings has been interrupted or “Zoom bombed” by online pranksters who have taken advantage of the service’s tremendous growth and made something of a hobby of logging into meetings uninvited.
We’ll get to the fairly easy and straightforward steps needed to improve your meeting security on Zoom shortly, but it’s important to provide some context about what’s at play in the online meetings and unified communications space right now as millions of workers have shifted to doing their jobs at home using remote access and cloud-based collaboration tools.
Zoom was already on a steady growth trend prior to the emergence of the COVID-19 virus early this year, and its popularity as an enterprise-level service made it an easy option for consumers to jump to – thanks to a robust free option – when most of the nation became housebound in March and needed a way to communicate.
Most estimates have the company’s growth at more than 20x in just a few months, with more than 200 million user accounts as of the beginning of April. That’s the kind of growth that has lead to the company’s name practically becoming a verb: instead of saying “Let’s have an online meeting,” it’s becoming standard to simply say “Let’s Zoom.”
Time To Take Control
Jaiganesh Lakshmisundaram, a senior product manager for Vyopta, said Zoom’s ease of use and the ability to join a meeting with only one or two clicks made it too easy for consumer users to bypass and overlook security features that normally are handled by a network administrator at the enterprise level.
“Zoom went from being an enterprise-grade conferencing and collaboration platform to being a consumer platform that could be used in every household where everyone could have a free account to do video calling. And with so much education going remote they adopted some form of a communication and streaming platform to get a classroom environment that’s set up for e-learning,” he said.
“Because there are so many steps that are normally supposed to be overseen by a network administrator and moderates accounts for an entire company and sets up the rules for what a user can and can’t do… overnight it changed to where every user has their own responsibility without knowing what safeguards need to be set up.”
Zoom and other online conferencing services offer tutorials, videos and webinars covering startup steps, best practices and security measures. Since you’re likely the head person in charge of your meeting’s integrity that means stepping up and taking the time to learn how to enable the built-in safety measures that might add a few steps for participants but will also prevent intrusions or having the wrong people viewing sensitive business data.
How To Lock Down Your Zoom Session
Lakshmisundaram advises that spending a few minutes looking at the control panels and configurations on your Zoom account will make it easy to prevent any digital gate crashers from ruining a meeting.
If you are administering a meeting, the simplest step is to enable the “Waiting Room” feature, which gives the host complete control over who can join your meeting. Like a bouncer at a nightclub, you’ll be able to make sure only the right people make it in even if the meeting link has been circulated publicly beyond the intended audience of the meeting. Zoom also offers additional ability to have your own personalized message that people would see when they are in the waiting room.
Other options include using the Advanced Sharing options to restrict participants in your meetings from screen sharing. This enables you to leverage the “Who can share?” feature to restrict sharing of any unwanted content on Zoom meeting when you keep the sharing permissions reserved for Host Only.
Host can also take other steps to manage the participants in a Zoom meeting such locking the meeting, removing unwanted participants, muting a participant or turning off their video, or disabling private chat access.
It’s worth noting that lots of Zoom bombing incidents didn’t happen because of any highly skilled hacking or faulty encryption technology, though Zoom had to fix a number of issues with its underlying security framework in recent weeks as well. Lakshmisundaram advises that posting meeting links in groups on social media platforms can quickly cause it to be viewable by dozens or hundreds of people who are suddenly one click away from joining your work collaboration session or a heartfelt call between kids and grandparents. The best deterrent here is to be judicious with how widely meeting links get shared, and adding a password only available to invited guests.
Also, whenever possible, avoid using your personal meeting IDs for public meetings and instead generate a random temporary meeting ID for your meeting.
“If everyone were just to read through the configurations that are available and learn a bit before adopting a tool they would automatically know that they shouldn’t be putting a meeting link on a place where anyone can get access to it,” he said.
“There are safeguards available across all the subscription models and they are pretty standard across the board. It’s more a matter of education and making sure you know the settings to distinguish between having a simple link for an ad hoc meeting and then having dedicated meeting IDs for my other links, while I also keep my most private meetings password protected and only share that with a closed user group.”
As part of our response to the COVID-19 pandemic, Vyopta is currently offering a free trial to help IT teams support massive expansion in remote work.
Chad Swiatecki is a business writer and journalist whose work has appeared in Rolling Stone, Billboard, New York Daily News, Austin Business Journal, Austin American-Statesman and many other print and online publications. He lives in Austin, Texas and is a graduate of Michigan State University. Find him online on LinkedIn.