Have you heard of Zoom Bombing?

Share on facebook
Share on google
Share on twitter
Share on linkedin
I didn't think anything was wrong in posting our Zoom meeting on our website. But because of the ZoomBombing going on, it's not the best thing to do.

ZoomBombing is people other than those you want to attend crashing your meeting – even worse, taking over the soundwaves, chatwaves, and heaven forbid – the airwaves.  It’s happened at Chipolte this past week and it’s starting to happen in schools and elsewhere.  How does it happen:  it can be as simple as someone forwarding your meeting request to someone else – or posting it to a website, and having the wrong person get a hold of it.  

My first article talked about “Keeping it Simple” which works as long as you can control who is going to get a meeting invite.  But if it goes wild, KISS won’t work.  Before you go and start sharing your meetings on website calendars, explore some of the security settings in Zoom.

When you create a meeting, your security features are :

  1. Disable the Join Before Host so people can’t cause trouble before you arrive.
  2. Use the waiting room so only the people you want can attend (more on this later)
  3. If you mute participants on entry, only the host can control who can unmute themselves.
  4. Authenticated users:  Sounds good, but requires some extra work for your participants (they have to first create their own Zoom account (it can be a free account) or you all have to be from the same company.

Also see information below on if you want more control on passwords and registrations.

Now for the items you have to go looking for:  Look for Settings in the nav bar on the left in the “Personal” section.  You’ll see sections for “Schedule Meetings”, “In Meeting (Basic)”, “In Meeting (Advanced)”.  Read through these and see what makes sense to you.  Here are some that are recommended to avoid ZoomBombing – the good news is you can set these once for your account and not have to worry about it again.

  1. Disable “File Transfer” so there is no digital virus sharing
  2. Enable the co-host so others can help moderate (can only be done with paid accounts, although the co-host does not have to have a paid account)
  3. Allow host to put attended on hold (remove them from the meeting)
  4. Disable Screen Share to “Host Only” – or if that won’t work, only allow the host to start sharing if someone else is sharing. Or make sure only one participate can share at a time if you don’t.
  5. Remove annotation tools (so someone doesn’t draw on your screen – ditto with Whiteboard.
  6. Disable “Allow Removed Participates to Rejoin” so booted attendees can’t slip back in.

Do you want more control? 

  • Require a password: You can require a meeting password – something everyone in your group would know so you won’t have to put it on your invitation.  However, if you do this, don’t embed the password in the meeting link – that just voids the purpose.
  • Put attendees in waiting room that require a host (or co-host) to manually admit new participants rather than having them join the meeting automatically.
  • Require that attendees register before your meeting  (See below)
  • Check “Lock meeting” to prevent any additional participants from joinging the meeting after it has started.

Meeting Registrations:  When you create your meeting, you can require that your attendees register.  There are two registration options: Automatic approval and Manual Approval.  When you turn these on, your meeting link will require the person to type in their name and email and will then be sent the information on how to log in.  Manual approval – you have to approve the registrant before they get the email. 

References

Leave a Replay