Securely Hosting Zoom Meetings

This blog article will cover security best practices in setting up Zoom meetings securely!

1. Ensure the Host can manage Screen Sharing –

To prevent participants from screen sharing during a call, use the host controls at the bottom, click the arrow next to Share Screen and then Advanced Sharing Options.

Under “Who can share?” choose “Only Host” and close the window.

Image Source: Zoom Blog

Meeting host can also lock the Screen Share by default for all meetings in web settings as shown below.

Image Source: Zoom Blog

2. Ensure the Host can manage Meeting participants –

  • Allow only signed-in users to join: If someone apart from the invitees, tries to join the meeting and is not logged into Zoom with the email they were invited through, they will receive the message:

Image Source: Zoom Blog

  • Lock the Meeting when intended participants are in: This setting will ensure that no new participants can join, even if they have the meeting ID and password once the host locks the meeting.

To lock the meeting, kindly follow the below steps :

Click Participants at the bottom of Zoom window and in the Participants pop-up, click the button that says Lock Meeting.

Image Source: keepteaching.usc.edu

  • Ensure to set a password for Meeting: Generate a random Meeting ID when scheduling the event and requires a password to join.

Settings > Navigate to the Meeting tab and verify the password settings that you would like to use for your meetings.

Image Source: Zoom Blog

  • Put the Participants on hold (if required): Click on participant’s video thumbnail and select Start Attendee On Hold to activate this feature. Click Take Off Hold in the Participant’s list when you are ready to have them back.

Click on Manage Participants in the host controls > Scroll over the name of the attendee you want to put on hold. Click More, then Put on hold > Click Take off hold in the participants’ list whenever you are ready to bring them back into the meeting.

Image Source: Zoom Blog

  • Disable Video (if required): Hosts can turn participant’s video off using manage participants This will allow hosts to block unwanted, distracting, or inappropriate gestures on video.

Image Source: Zoom Blog

  • Mute Video (If required): Hosts can mute/unmute individual participants or all of them at once under manage participants option.

Select Manage Participants > Select Mute All > Click on Allow participants to unmute themselves. Clicking Continue will mute all current and new participants.

Image Source: Zoom Blog

  • Disable File-Transfer: Zoom allows participants to share files through the in-meeting chat. Host can disable this from getting bombarded with unsolicited pics, GIFs, memes, and other content.

Click on Account Management > Click on Account Settings  and scroll down. Under File Transfer option, Disable it.

Image source: Gadgetsnow.com

3. Try the option ‘Waiting Room’ –

Waiting Room is a virtual staging area that stops guests from joining until the host is ready to allow them. This feature is especially beneficial to make the meeting more secure. It also gives security plus added visibility into who is trying to join.

Click on Meeting Advanced option > Search or scroll to find the Waiting Room option > Enable the Waiting Room feature.

Image Source: Zoom Blog

After enabling the Waiting Room feature, host can choose to send all participants to the Waiting Room or to send only some participants (external accounts) to the Waiting Room.

Image Source: Zoom Blog

Secure Zoom Meetings Setup Quick Bytes –

  • Ensure the Host can manage screen sharing options
  • Ensure the Host can manage meeting participants
  • Ensure to set – require a password for meeting
  • Protect your zoom account with strong password
  • Lock the meeting when intended participants are in
  • Do not use social media to share conference links
  • Do not use your personal Zoom Meeting ID
  • Leave ‘Enable join before host’ unchecked
  • Prefer to turn host and participant video off by default
  • Mute participants on entry
  • Try the Waiting Room option

Note – Read about Zoom Security Vulnerabilities in Part 1 blog article here: https://www.varutra.com/blog/?p=2290

Blog Authors –

Poornima J. / Ashish M.

Security Consultants – Varutra Managed SOC