With the rapid adoption of video conferencing it is not surprising that bad actors are getting in on the action in ways to maliciously break into web conference meetings. Much has been made in the media when this first arose during the Coronavirus pandemic – with clips of internet trolls crashing meetings and screaming obscenities, broadcasting inappropriate images and interrupting meeting participants talking. That is definitely annoying at the very least and offensive in many cases. What is additionally of worrisome concern is the danger of even more serious breaches of personal and organizational confidential information by hackers that might be listening in and obtaining information that could be used for fraudulent and illegal purposes.
If security and confidentiality for the meeting content and discussions is a major requirement, there are other platforms like Microsoft Teams and internal SIP/H.323 videoconferencing solutions that require more advanced sign-in authentication (including multi-factor authentication) and provide a more secure environment. (A paid Zoom subscriber account also provides the option for MFA.)
There are a number of measures you can easily take – that are built into the Zoom app – to help prevent these malicious incursions.
1. Change your Zoom Password and Personal Meeting ID
- If you are concerned that some data breach has exposed your Zoom account credentials, change you password to a new and strong one. And is a good general practice to change it occasionally or use a password vault.
- If you have used and distributed your Personal Meeting ID frequently it is possible that it has fallen into to wrong hands. You should change it occasionally.
2. Use New Meeting ID’s for each meeting instead of your Personal Meeting ID.
- You are better off using unique Meeting IDs for each meeting rather than reusing your personal Meeting ID which has a higher risk of becoming compromised over time. This can be done in the meeting setup screen by toggling the Meeting ID option to Generate Automatically.
3. Require a Meeting Password
- Always use a meeting password unless you don’t care who attends.
- And if you are concerned that the invitation email or ID & Password get distributed beyond the intended audience, then send out the password separately to invitees in another form of communication.
4. Put Participants in the Waiting Room on Entry
- This is an advanced feature in the meeting setup that requires the meeting host to approve all participants before they can join the meeting. If you didn’t invite the person or don’t recognize the name, simply don’t let them in.
These settings should be enough for most meetings, however if you haven’t enabled some of the above features, or want an even safer meeting, here are a few other measures you can take:
5. Turn Off Screen Sharing for Everyone Other Than a Host
- This would prevent even an authorized guest from taking over control of the meeting presentation (intentionally or accidentally) and is a common good practice to set up by default for many types of meetings. This option can be easily toggled on and off at any time during the meeting (click the arrow next to Share Screen to view Advanced Sharing Options) – so it is often a good reminder to set it to host only at the start.
6. Disable Video for Meeting Participants
- Setting Video to Off for participants during the meeting setup would obviously prevent bombing of offensive or inappropriate content but may not make sense for many meetings.
- Note that video for the host is a different setting. Additionally (unfortunately at the time of writing) video cannot video re-enabled for participants after the meeting starts.
7. Mute Audio for all Attendees
- This doesn’t make sense for many types of meetings but is a precaution that can be easily turned on and off by the host at any time. To do this as a host, select Mute Participants On Entry during meeting setup or at the beginning of the meeting and then make sure Allow Participants To Unmute Themselves is unchecked.
- In this case, the meeting dynamics are a going to be a bit different. The best way to make it work is this: If a participant wants to speak, they raise their hand or request to speak in the chat, and the host activates their mic and then mutes the person once they are done talking.
Whether we are using Zoom, or other apps like Microsoft Teams (pka Skype for Business), GoToMeeting or WebEx, we have found these measures (or their equivalent) to be effective options to improve our internal and client meetings.
IAG facilitates remote virtual meetings like these daily (mostly as Teams Meetings but also on all those other platforms) – for our client project meetings, Requirements Discovery Sessions, Remote User Story, Sprints or Sprint Planning Sessions, Application Portfolio Optimization sessions, and various Process Modeling or Story Mapping meetings. We are happy to offer these and other tips to help you with your meetings. If you have any questions about how to coordinate and facilitate remote sessions for your projects, chat/email/call us anytime. We are here to help.