Zoom Security & Privacy Hygiene Tips by Elana Zana

Using video conference platforms, specifically Zoom, has become a new way of life to facilitate check-ins, mediations, public meetings, etc.  However, as many users have already identified (e.g. the FBI – https://www.fbi.gov/contact-us/field-offices/boston/news/press-releases/fbi-warns-of-teleconferencing-and-online-classroom-hijacking-during-covid-19-pandemic) there are some security vulnerabilities with Zoom. These vulnerabilities range from stealing login credentials to Zoom bombings – interrupted Zoom meetings by unwanted visitors – jeopardizing the privacy of these meetings and potentially, the security of your system.

Here are a few tips and procedures to follow in order to maintain the security and privacy in Zoom:

  1. Many hackers are embedding URLs into the chat feature within Zoom; do not click on any URLs within this feature. See https://arstechnica.com/information-technology/2020/04/unpatched-zoom-bug-lets-attackers-steal-windows-credentials-with-no-warning/
  2. Enable a password for all meetings (ideally a random one).
  3. When joining a meeting, type in the Meeting ID and Password (rather than following a Zoom link).
  4. Utilize the waiting room feature, in which the host must allow others to join the meeting.
  5. Disable file sharing, or allow only the host to share.
  6. Disable call recording.
  7. Prevent participants from saving chats and disable auto-saving chats.
  8. Periodically inspect the list of participants throughout the duration of the meeting.
  9. Lock the meeting once everyone has joined.
  10. Do not share Meeting IDs on any social media platform.
  11. Ensure that all users are running the most updated version of Zoom (post January 2020).

Another good video meeting hygiene tip: be aware of WHO and WHAT is in your background. Sometimes, the Zoom bombers are not only unwanted hackers, but your own family member(s) not realizing you are on video.

While in many cases you are not the “host” of the meeting, you may want to discuss some of these concerns with the host to make sure that they are aware of the security and privacy issues.

So, what’s the solution? You can still use Zoom – just make sure you use it with the correct settings and actions mentioned above.