Keep up to date
Like any user-facing service, Zoom suffers from security vulnerabilities, but it’s so far proven that it can fix them quickly. Take for example, the issues that could allow an attacker to take over an Apple Mac’s microphone or camera, and a Windows problem that could let a hacker steal logins. Zoom fixed these problems on April 1.
Therefore, one of the important steps you can take is to make sure you keep any installed version of the Zoom mobile or desktop app up to date.
This ensures those issues are fixed, and your risk of compromise is lower.
Use passwords to protect your meeting–and never share your meeting ID
Zoom bombing, which sees uninvited guests crashing your meeting or chat, relies on meetings not being password protected. People often post the Zoom meeting number online, and without any protection, bombers can simply enter and do their worst.
Never share the link or meeting ID on public platforms and try not to use the personal meeting ID–instead allow Zoom to generate a random ID for each meeting.
There is the option to require a password when scheduling new meetings and require a password for instant meetings.
At the same time, disable the option “Embed password in meeting link for one-click join” and enable “Require password for participants joining by phone.”
Another way to protect: Admin > Advanced section: Enable “Hide billing information from administrators; and consider changing the length of the Host Key to 10 numbers to make it harder to guess.
Share the password securely
When using Zoom, securely sharing the password can be a challenge. In any case don't put the password on the public internet, a cybersecurity industry professional advises–this renders the whole idea of having a password useless.
Keep using basic security best practices including not sharing data such as ID or passwords, or pictures of your Zoom meetings publicly.
Use waiting rooms
Another way to stop Zoom bombers from entering your chat or meeting is the use of waiting rooms. This allows the host to screen everyone entering the meeting to ensure no one uninvited can get in.
Use the waiting room functionality as a host and double up with a meeting password for designated guests. In addition, to avoid an even more embarrassing Zoom bombing experience, set the screen sharing to ‘host only’ and disable file transfer.
It’s also a good idea for hosts to manage the meeting participants. In order to do that, you should ensure you are the only host. You can also control the camera and mute options.
Hosts can ensure participants can't share their screen without approval.
In addition, if anyone invited has been troubling you, make sure you have set it up to disable ‘allow removed participants to rejoin’ the meeting.
Take control of your privacy
As I have said before, services are free for a reason. If you are using the free version, there is certain data you might have to give up.
Assume what happens in Zoom does not stay in Zoom. Control your own privacy as you do with all online tools.
Beware of phishing
Another security risk for Zoom users is phishing, seeing attackers lead people to a malicious site to download malware or enter details.
You should always be careful when clicking on any meeting invite links. “In a hurry it may be tempting to just click on a link in the latest email, but it is always worth the wait to check.
If users are ever suspicious, they should just copy the ID from the link provided and enter it in the official application to join.