Don’t get “Zoom Bombed”

Unfortunately, there’s some people in the world who never learnt any manners when they were little. Some of these grow up to be Zoom Bombers in this current Virtual First world we find our selves in.

For those of you who don’t know, “Zoom Bombing” as it’s known is the practice of joining a virtual meeting online uninvited, and creating some mayhem. This can range from trivial being a pest to displaying graphic and horrific child abuse imagery, to stealing corporate information disclosed during the meeting.

So here’s a few tips to help you thwart the miscreants perpetrating these acts.

Try to avoid using Zoom and public registration.

Firstly, try to avoid allowing Public self registration of meeting if at all possible.  It is difficult to police self enrolment.  If you do allow it, make sure you record (permanently) registrant email addresses, and send follow up emails to ensure, you’re dealing with a real email address and not a 10minute email address.

Next, please alter the settings in your Zoom Application to reflect the following.

Disable these

  1. Disable “Embed Password in Meeting Link for One-Click Join”
  2. Set “Screen Sharing” to Host Only
  3. Disable “Remote Control”
  4. Disable “File Transfer”
  5. Disable “Allow Participants to Rename Themselves”
  6. Disable “Join Before Host”
  7. Disable “Allow Removed Participants to Rejoin”
  8. Disable “Recording” for participants.

Enable these settings

  1. Enable “Mute Participants Upon Entry”
  2. Enable “Always Show Meeting Control Toolbar”
  3. Enable “Identify Guest Participants in the Meeting/Webinar”
  4. Enable “Waiting Room”
  5. Enable “Require a Password When Scheduling New Meetings”
    1. For instant, Scheduled and PMI
  6. Also enable “Require Password Minimum Length”
    1. 7 characters is a good minimum even if you only allow digits.

Now of course this doesn’t guarantee you won’t have uninvited miscreants. But it does make what they can do in there far less effective.

Business Intelligence Security