The surge in video conferencing using the app Zoom is raising privacy and security concerns. The FBI has received increased reports of “Zoom bombing”. This is where trolls take over online meetings without permission and are bombarding meetings with pornographic and/or hate images and threatening language.

What security measures should I take when hosting Zoom meetings?

In addition to preventing Zoom bombing, it’s important to secure your valuable intellectual property and internal communications when using Zoom.

Don't Share

Avoid the Biggest Mistake:

Do not distribute your Zoom Meeting ID via social media and only send it to needed participants. Also, remind the meeting participants to not post or share the information with others.

It would be good to review Zoom’s many settings before you start hosting, but here is short list of best practices that can help protect your meetings. It is difficult to find that balance of keeping out the uninvited guests and making sure your invitees can successfully attend and participate in the meeting.

1. Enable the Waiting Room

Zoom has a tool called the Waiting Room which allows the meeting administrator to screen who can enter the call. This requires more work for the host, but makes sure only invited participants can join.
https://support.zoom.us/hc/en-us/articles/360022174112-Using-a-Waiting-Room-with-Zoom-Rooms

2. Require a password

When scheduling a meeting, you can select Require meeting password under Meeting Options. You should specify a strong password (make your password at least eight characters long and use at least three of the following types of characters: lowercase letters, uppercase letters, numbers, symbols). Participants will be asked for this password in order to join your meeting.
https://support.zoom.us/hc/en-us/articles/360033559832-Meeting-and-Webinar-Passwords-

3. Limit screen-sharing to the host

Limiting who can share their screens won’t be appropriate when multiple participants need to share and collaborate, but setting this restriction will prevent unwanted guests from interrupting the meeting by initiating intrusive sharing.

In the Zoom meeting room window, click the arrow next to “Share Screen”, and then select Advanced Sharing Options. Under “Who can share?”, select Only Host.

One solution for multiple presenters is to make a presenting participant a “Co-Host” via the participants list. Then they will be able to share their screen as needed.
https://support.zoom.us/hc/en-us/articles/115005759423

4. Turn off ability to record

By default, only the host can initiate recording in Zoom. Be sure that automatic recording is turned off. If another participant would like to record, the host will need to provide permission to that participant during the meeting. Be very judicious on who is allowed to record as the exported file could be shared outside of the intended audience and may contain sensitive information.
https://support.zoom.us/hc/en-us/articles/202921119-Automatic-Recording

5. Ensure file transfers are disabled

Zoom is a great tool for video conferencing, group chats and business collaboration, but it does not replace existing tools that are much more secure for sharing confidential files. It is safe to share files if everyone is logged into the corporate account using Single Sign-on or have OneDrive integration with Zoom. If you do not have a corporate option, you can use encrypted email or shared drives/files on cloud services like Apple, Google, OneDrive, etc. outside of Zoom.
When logged in, go to Settings. See the “In Meeting (Basic)” section and ensure that File transfer is toggled off.
https://support.zoom.us/hc/en-us/articles/209605493-In-Meeting-File-Transfer

Other Helpful Zoom Support Links