Many of you are using Zoom for remote work or to stay connected with friends and family. After being “Zoom Bombed” CAFP has learned valuable lessons on how to help keep Zoom meetings safe and on track. Although we cannot ever be 100% safe from hackers, you can minimize hijackings (zoom bombings) as well as maximize your ability to respond quickly and appropriately during a meeting (i.e. remove the participant, turn off screen sharing, etc...) Here are some common bombing practices and steps to take to secure your meeting:
Common Zoom Bombing Practices:
- Screensharing offensive content
- Annotating screen
- Chat comments
- Sharing offensive Virtual backgrounds
- Audio comments (unmuting)
- Recording and posting zoom bombing incident
Pre-Meeting:
- Do not post links socially, use private invite only
- Avoid using PMI (Personal Meeting ID) as this is static - select randomly generated option
- Use a password and establish unique password for each meeting - consider sharing p/w only after attendee registration
Settings:
- Under advanced sharing be sure to select, only host can share screen
- Adjust file transfer to only host
- Adjust chat functions as desired
During Meeting:
- Use waiting room - cannot join before host approves
- Use registered email list to admit or remove participants from meeting and if must do so, send back to waiting room, and put on hold
- Once all are present, consider locking meeting
- Use mute and stop video controls
- Designate a co-host with same capabilities and controls, while primary host runs meeting
After the Meeting:
- If recording to re-post, rename the file to something less obvious once downloaded
- Keep up to date with the most current software version
- Use passwords to protect your meeting
- Share password securely and to a closed group
- Manage participants, (only host can share screens, can mute participants, and remove participants and not allowing them to rejoin.)
- Take control of your privacy settings
If you are hacked or "zoom bombed," please report to Zoom and the following FBI link.