The fusionSpan Blog

Best Practices for Ensuring Security While Using Zoom

By Noah King |April 16, 2020

Whether it is for a family game night or an enterprise level meeting with new clients, it is more likely than not you have been using Zoom to stay virtually connected with others. It seems that every time you log into LinkedIn you see a link to funny virtual backgrounds or a screenshot of a team happy hour. In fact, the San Jose, CA based telecommunication provider has seen its user headcount climb from about 10 million people at the end of 2019 to over 200 million daily participants by the end of March.

Despite its widespread use and spike in popularity, there has also been a rising amount of negativity and speculation surrounding Zoom. We all have read reports of hackers selling user info, no end-to-end encryption as promised, and even SpaceX and Google telling their employees to uninstall the video tool. “Zoom-bombing” and various security bugs have caused the company to update their own privacy tools.

The obvious question is “what steps can I take to ensure the protection of my privacy while using Zoom?” After all, if you see a company like NASA suddenly ban the tool, wouldn’t you be wary? The good news is that Zoom has implemented some new security features on top of existing functionality. Check out some best practices for securing your meetings on a personal and organizational level below:

2 Factor Authentication: This two-step-sign-in process will prompt users to access a generated code on an authentication app in addition to their login credentials. This adds an additional layer of security at the basic level, and can easily be enforced by your organization’s account admin.
Password Protect Your Meetings: One of the easiest ways to prevent unwanted attendees from “Zoom-bombing” your meeting is to set passwords before joining a meeting. You can toggle password settings on and off for individuals, groups, and even overall meetings and webinars for your organization. Zoom has set passwords to “on” by default in more recent security updates.
Create Unique Zoom Meeting IDs for Every Meeting: If you are a Zoom user, you automatically are given a Personal Meeting ID (PMI) that acts as a virtual meeting room permanently reserved for you. Despite the convenience of this personal link, it should not be used for back-to-back meetings or shared with unfamiliar clients regularly. Enabling the “Generate Automatically” setting for your account will provide each meeting with a different Zoom ID, which adds a layer of security and saves you from some awkward encounters!
Waiting Rooms: Zoom rolled out this feature earlier this month, and actually enabled it by default last weekend. The Waiting Room is a feature which allows the host or co-host to admit or deny participants attempting to join your meeting. Keep in mind this will not work with some settings such as “join before host” or webinars. Settings for this can even be configured to auto-admit other members of your organization to the meeting but send guest participants to the waiting room.
Lock Your Meetings Once Every Participant Has Entered: One of the features that comes with the new security icon in Zoom meeting controls is the “Lock Meeting” feature. This easily allows the host to prevent any additional participants from attending the meeting. Locking your meeting is an easy step to prevent unwanted zoom-bombers from crashing your calls (and might even drive some habitually tardy staff to be on time!)

The Security icon in the meeting controls allows the host or co-host of a meeting to easily access various security features throughout the Zoom meeting. Along with different participant settings, the tab gives you quick access to options like “Enable Waiting Room” and “Lock Meeting.”

Zoom has also implemented features such as enforced passwords for cloud recording access, and even put a development freeze on future projects to combat privacy issues. In addition to the points listed, remember to never share Zoom meeting IDs over social media, routinely check for updates to both the web and application client, and always use a secured connection.

Adopting even one or two settings will drastically increase security for your meetings and recordings, regardless of your staff working onsite or remotely. A few quick administrative changes can go a long way in ensuring both your personal and organizational privacy.

Noah King

Noah joined the team after graduating from the University of South Carolina in December of 2019. He enjoys the opportunity to help grow fusionSpan’s online presence and complete projects across multiple departments. When not working, Noah loves to cook and go on hikes with his dogs.