Zoom Security Guide

[Reprinted from the Area72 website: https://area72aa.org/zoom-security-guide/]

ZOOM SECURITY GUIDE – HOW TO PREVENT AND MINIMIZE DISRUPTIONS TO YOUR MEETING.
(v7.0 – 08-April-20)

The guide below was created by a fellow member Thom R (thomr021092@gmail.com). This is a shortened version of the guide with the key bullet points and directions. A link to the guide as a whole is found at the bottom of this page.

DESIGNED FOR PLAIN LANGUAGE CLARITY FOR THE NON-TECHIES AMONG US WHO WANT THEIR ZOOM MEETINGS TO BE AS SAFE AS POSSIBLE FROM DISRUPTIONS (ALSO KNOWN AS “ZOOM BOMBING”).

Note: “Zoom Bombing” is a slang term that describes a meeting being invaded by disruptive people who are taking advantage of lax or default Zoom security settings and flooding the meetings with obscene and annoying rhetoric.

  • Try not to take these attacks personally, please. To those in recovery programs, know that these disruptors are not targeting your recovery meetings specifically. They are attacking the Zoom platform itself– the accounts that do not have their security properly configured.
  • Let’s define the problem first. The entire problem is rooted in the fact that a brand new Zoom account is set by default with the security and sharing settings mostly wide open. All features that can be used for an attack are pretty much turned on by default, instead of being turned off as they should be.

THE ZOOM CONFIGURATION GUIDE

Just follow these suggestions and you will not be able to be flooded with disruptions anymore. You still may have annoying users from time to time just like in a physical meeting, but they will be much easier to deal with, you’ll see. We’re going to greatly reduce the ways that they can attack your Zoom meeting. We’re going to configure your Zoom account the way it should have been to start with.

Simply: 

  • log in to your Zoom account with a desktop web browser, 
  • choose your personal settings on the left, 
  • follow along with the guide, 
  • find the matching settings that I describe and then 
  • change that item to the suggested setting– if it is different.

IMPORTANT TO READ BEFORE YOU START: ADMINS, HOSTS AND CO-HOSTS SHOULD NOT BE ON A MOBILE DEVICE WHEN RUNNING A MEETING. USE A FULL PC OR FAIRLY DECENT LAPTOP.

AND NOW, THE INSTRUCTIONS. JUST FOLLOW ALONG IN THE ZOOM ACCOUNT SETTINGS (everything is in order now, but this guide does skip over settings that don’t matter to security so just keep looking for the next one in the list to “sync back up” with the guide as you go through it):

* In the MEETING sub tab in account settings, change the following:

(SCHEDULE MEETING subsection)

  1. –enable/TURN ON — HOST VIDEO AND PARTICIPANTS VIDEO
  2. –disable/TURN OFF– the JOIN BEFORE HOST setting
  3. –disable/TURN OFF– USE PERSONAL MEETING ID (PMI) when scheduling a meeting
  4. –disable/TURN OFF– USE PERSONAL MEETING ID (PMI) when starting an instant meeting
  5. -enable/TURN ON– MUTE PARTICIPANTS ON ENTRY (This prevents people from coming in and being immediately disruptive

(IN MEETING – BASIC subsection)

  1. –enable/TURN ON– REQUIRE ENCRYPTION FOR THIRD PARTY ENDPOINTS
  2. –disable/TURN OFF– FILE TRANSFER so that there can be NO WAY for pictures, videos or anything else to be uploaded ever to your meeting, either in chat or via screen sharing
  3. –disable/TURN OFF– FEEDBACK TO ZOOM
  4. –enable/TURN ON– the CO-HOST feature
  5. –disable/TURN OFF– SCREEN SHARING
  6. –enable/TURN ON– DISABLE DESKTOP SCREEN SHARE FOR USERS
  7. –disable/TURN OFF– ANNOTATION, WHITEBOARD and  (all three)
  8. –disable/TURN OFF– ALLOW REMOVED PARTICIPANTS TO REJOIN

(IN MEETING – ADVANCED subsection)

  1. –disable/TURN OFF– VIRTUAL BACKGROUND
  2. –DO NOT DISABLE/TURN ON AND LEAVE ON– the WAITING ROOM feature

(RECORDING subsection)

  1. –disable/TURN OFF– LOCAL RECORDING
  2. -disable/TURN OFF– CLOUD RECORDING
  3. –disable/TURN OFF– AUTOMATIC RECORDING

(TELEPHONE subsection)

  1. –disable/TURN OFF– 3rd PARTY AUDIO
  2. –enable/TURN ON– MASK PHONE NUMBER IN PARTICIPANT LIST

DURING A MEETING HOST/Co-HOST CONTROL RECOMMENDATIONS:

1. NEW (08-April) SAFETY BUTTON (located in meeting on the control bar) GUIDE:

TOP SECTION

  • LOCK MEETING: sometimes OFF / sometimes ON
  • ENABLE WAITING ROOM: ALWAYS ON

BOTTOM SECTION “Allow Participants To”:

  • SHARE SCREEN: ALWAYS OFF
  • CHAT: HOST ONLY
  • RENAME THEMSELVES: ALWAYS OFF

2. It’s VERY IMPORTANT that only the host and/or co-hosts control the muting or unmuting of people while a meeting is in session.

3. BE HAPPY THAT WAITING ROOM IS NOW TURNED ON FOR EVERYONE! IT IS THE KEY TO FINDING THE DISRUPTERS BEFORE YOUR USERS DO.

4. DO NOT LET PEOPLE RENAME themselves

 

To view the whole guide, click here for the English version and here for the Spanish version