Area News

Area 72 Publishes Comprehensive Guide to Securing Zoom Meetings

407


“Zoom Bombing” is a slang term that describes a meeting being invaded by disruptive people who are taking advantage of lax or default Zoom security settings and flooding the meetings with obscene and annoying rhetoric.

  • Try not to take these attacks personally, please. To those in recovery programs, know that these disruptors are not targeting your recovery meetings specifically. They are attacking the Zoom platform itself– the accounts that do not have their security properly configured.
  • Let’s define the problem first. The entire problem is rooted in the fact that a brand new Zoom account is set by default with the security and sharing settings mostly wide open. All features that can be used for an attack are pretty much turned on by default, instead of being turned off as they should be.

How to Prevent and Minimize Disruptions to Tour Meeting

Just follow these suggestions and you will not be able to be flooded with disruptions anymore. You still may have annoying users from time to time just like in a physical meeting, but they will be much easier to deal with, you’ll see. We’re going to greatly reduce the ways that they can attack your Zoom meeting. We’re going to configure your Zoom account the way it should have been to start with.

Simply log in to your Zoom account, choose your account settings, follow along, find the matching settings I describe and make the recommended changes if necessary. If you search around in your settings you will find what I am talking about.

  1. Change the SCREEN SHARING setting to “HOST ONLY”. NO non-hosts should EVER be allowed to screen share for any reason ever
  2. Disable the JOIN BEFORE HOST setting
  3. Enable the CO-HOST feature
    • HOSTS AND CO-HOSTS SHOULD NOT BE ON A MOBILE DEVICE. USE A DESKTOP OR LAPTOP MACHINE FOR HOST DUTIES
    • Co-Hosts are key, rely on them
  4. Disable FILE TRANSFER so that there can be NO WAY for pictures, videos or anything else to be uploaded ever to your meeting, either in chat or via screen sharing.
    • Until Zoom implements a way for hosts to verify a file before rejecting it or allowing it through, just please, TURN IT OFF.
  5. Disable ALLOW REMOVED PARTICIPANTS TO REJOIN
  6. In the RECORDING sub-tab in account settings, turn OFF all recording functions.
    • Disable LOCAL RECORDING
    • Disable CLOUD RECORDING
    • Disable AUTOMATIC RECORDING
  7. In the TELEPHONE sub-tab in account settings, change the following:
    • Enable MASK PHONE NUMBER IN PARTICIPANT LIST
  8. In the MEETING sub-tab in settings, change the following:
    • Enable REQUIRE ENCRYPTION FOR THIRD PARTY ENDPOINTS
    • Disable FEEDBACK TO ZOOM
    • Disable SCREEN SHARING
    • Disable DESKTOP SCREEN SHARE FOR USERS
    • Disable REMOTE CONTROL
  9. Disable VIRTUAL BACKGROUND
  10. It’s VERY IMPORTANT that only hosts and co-hosts control the muting or unmuting of people
    • Enable MUTE ON JOIN
  11. Enable the WAITING ROOM feature
  12. Do NOT let people rename themselves
    • This is done by the host and co-hosts from within the live meeting interface
  13. TURN OFF CHAT during the meeting. Or set it to “HOSTS ONLY” but not to EVERYBODY

The guide was created by a fellow member Thom R. (thomr021092@gmail.com). This is a shortened version of the guide with the key bullet points and directions. To view the whole guide, click here