Zoom Security: What Australian Organisations Need To Know
The use of virtual meetings has exploded throughout Australia since the onset of COVID-19. With more people working from home, Zoom has become wildly popular, with 200 million people using the video conferencing software app daily. With the exponential increase in video conferencing, Zoom has also been plagued with reports of customer information leaks, Zoom-bombers, and attacks from hackers. Hackers impersonate video conferencing sites like Zoom to steal meeting IDs and passwords to gain unauthorized access and steal personal information. Zoom’s rise in popularity has caused an increase in a type of attack called Zoom-bombing. Zoom-bombing is like Photobombing, where hackers and internet trolls use meeting IDs and passwords to gain access to a Zoom meeting for malicious purposes. They disrupt meetings by sharing hate messages and, in some cases, pornography to unsuspecting meeting participants.
Top Tips to Secure Your Virtual Meetings
If you are using Zoom, you need to secure your virtual meetings against hackers and Zoom-bombers. Zoom is aware of the recent security breaches and has taken steps to update its security measures.
Update Your Zoom App
Make sure you have the latest version of Zoom, which will overwrite a previously installed copy to ensure you are working with the latest security features. Zoom says the newest version of its app, Zoom 5.0, includes encryption and new privacy controls, updates that are part of a 90-day plan to improve security and privacy on the platform. Only download the Zoom app directly from the legitimate Zoom.us site and not from any other domain. There have been over 1,700 new domains registered with the name Zoom in it since COVID-19. While some are legitimate, many have been set up by hackers taking advantage of the exponential increase in Zoom being used for virtual meetings.
Use a Unique ID and Password
Never use your Zoom meeting ID to host a meeting. Always have Zoom automatically generate a unique meeting ID and password for all invitations.
When creating a Zoom meeting, each user is given a permanent Personal Meeting ID (PMI) and automatically enables the “require meeting password” setting to generate a random 6-digit password for your invitees when you check the box. Leaving this box, unchecked, immediately allows unwanted visitors to gain access without permission.
Only Allow Authenticated Users to Join
Only allow authenticated users to join the meeting. Users should protect their Zoom meeting ID and their password against security breaches. If the PMI is shared with others, hackers and Zoom-bombers can check if a meeting is in progress and disrupt the meeting if a password is not configured even if they are authenticated invitees.
Create a Waiting Room
Zoom allows the meeting host to enable a waiting room feature to screen attendees and prevent users from entering the meeting without being authenticated. To enable this feature, open the advanced settings when creating the meeting, check the >‘Enable Waiting Room’ setting, then click the save button.
Only Hosts Should Share Their Screen
Once the meeting has started, only the host should share their screen to prevent anyone from hijacking the meeting. To use this feature, navigate to Personal > Settings > In Meeting (Basic) and look for Screen sharing. Check the option that only allows the host to share.
Lock the Meeting Once It Starts
Once the host has authenticated the credentials of the participants in the waiting room, the host should lock the meeting down so no one else can join, including latecomers. Click on the >‘Manage Participants’ button on the Zoom toolbar and select >‘More’ at the bottom of the participants’ pane then select the > ‘Lock Meeting’ option.
Remove Attendees or Put Them On Hold
The host can kick unruly attendees out of a call or put them on hold. Hover over the name of the person you want to remove on the participants’ panel on the right. When options appear, choose >Remove. Once an attendee has been removed, they can’t rejoin. To put an attendee on hold during the call, find their video thumbnail, click on their video image and select >Start Attendee On Hold.
Steadfast Solutions Offers Zoom Security Solutions For Organisations Across Australia
The best solution to securing your virtual meetings against hackers and Zoom-bomber is to work with a cybersecurity expert. Call Steadfast Solutions on 1300-739-335 or email firstname.lastname@example.org to assess your security needs with fresh eyes. The alternative could be unrecoverable damage to your industry reputation if a Zoom-bomber or hackers gain access to your virtual meetings.