
Cybersecurity Tips: Zoom Video Conferencing

The COVID-19 pandemic has pushed many businesses to rely on the security and stability of their remote capabilities to ensure business continuity. In an effort to keep employees connected during this time, organizations have begun utilizing various video-conferencing tools, such as Zoom.

Lately, Zoom has been receiving a lot of negative press about its security. However, many of the incidents that made the front page could have been prevented.

We've compiled a few tips detailing what your business can do to secure your Zoom meetings. Each organization will need to assess these settings based on its own business requirements; the settings mentioned below are, in some cases, restrictive and may not fit your business needs. Add Zoom to your patch management program so that you have the latest security patches, and always test and review your settings with a Zoom representative.

Account Settings

1. Password protect meetings

This will mitigate Zoom-bombing. Administrators can set this as a default, but it can be changed by the user unless enforced globally.

Settings:

Require a password when scheduling new meetings: Enable
Require a password for instant meetings: Enable
Require a password for Personal Meeting ID (PMI): Enable
Require password for participants joining by phone: Enable
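
The difference between an account default and a globally enforced setting, as an added example that is not from the original article or from Zoom: a small audit that resolves what each user actually gets and reports drift from a baseline. The setting labels come from this page; the export layout (`value` and `locked` per setting, per-user overrides) and the sample data are hypothetical, constructed for illustration.

```python
# Added example: labels are from this page; export layout and sample data are hypothetical.
BASELINE = {  # True = Enable, False = Disable
    "Require a password when scheduling new meetings": True,
    "Require a password for instant meetings": True,
    "Waiting room": True,
    "File Transfer": False,
    "Allow removed participants to rejoin": False,
}

def effective(account, overrides, name):
    """Value a user actually gets: a locked (globally enforced) account
    setting always wins; otherwise the user's own change replaces it."""
    setting = account[name]
    if setting["locked"]:
        return setting["value"]
    return overrides.get(name, setting["value"])

def audit(account, users):
    """Return (setting, scope, problem) tuples for every deviation."""
    findings = []
    for name, wanted in BASELINE.items():
        setting = account.get(name)
        if setting is None:
            findings.append((name, "account", "missing from export"))
            continue
        if setting["value"] != wanted:
            findings.append((name, "account", "default differs from baseline"))
        if not setting["locked"]:
            findings.append((name, "account", "not enforced globally"))
        for user, overrides in users.items():
            if effective(account, overrides, name) != wanted:
                findings.append((name, user, "user setting differs from baseline"))
    return findings

# Constructed sample: one unlocked default, one setting absent from the export.
ACCOUNT = {
    "Require a password when scheduling new meetings": {"value": True, "locked": False},
    "Require a password for instant meetings": {"value": True, "locked": True},
    "Waiting room": {"value": True, "locked": True},
    "File Transfer": {"value": False, "locked": True},
}
USERS = {
    "alice@example.com": {"Require a password when scheduling new meetings": False,
                          "Require a password for instant meetings": False},
    "bob@example.com": {},
}
if __name__ == "__main__":
    for finding in audit(ACCOUNT, USERS):
        print(" | ".join(finding))
```

In the sample, the same user change is ignored for the locked instant-meeting setting but takes effect for the unlocked scheduling setting, which is the gap the audit reports.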

 

2. Encrypt all data communicated between the Zoom cloud, Zoom client, and Zoom Room

Require Encryption for Third-Party Endpoints (H323/SIP): Enable

3. Disable the ability for hosts and participants to send files through the in-meeting chat

This option might not be feasible from a business perspective depending on how you want to use Zoom meetings.

File Transfer: Disable

4. Restrict who can share their screen and annotations

If you are working with your team on a business opportunity, it might not make sense to lock down screen sharing. If you are hosting a large group, consider the following security controls to prevent inappropriate screen sharing, annotation, and whiteboard displays.

Screen sharing: Enable
Who can share: Host Only
Annotation: Disable
Whiteboard: Disable

5. Keep previously removed participants from rejoining

Allow removed participants to rejoin: Disable

6. Identify guest participants (someone who does not belong to your account or organization) in the meeting

Identify guest participants in meeting/webinar: Enable

7. Enable a waiting room. Attendees can’t join a meeting until a host admits them individually.

This can help prevent unauthorized individuals from joining.

Waiting room: Enable

8. Hide sensitive information from the snapshot of the Zoom main window and enforce globally

Blur snapshot on iOS task switcher: Enable

You can also set a policy for meetings that are recorded. There are times when you want to record a meeting, such as a training session or webinar that you would like to distribute afterwards. Recording should be restricted to the host and should not be stored in the cloud.

9. Do not allow participants to record the meeting to a local file or record in the cloud

Local recording - Hosts can give participants the permission to record locally: Unselect
Cloud recording: Disable

10. Display a disclaimer to the participants before a recording starts

Recording disclaimer: Enable (add legal disclaimer)

Security Settings

Implement your password policy. You can also enable two-factor authentication or allow users to sign in with single sign-on (SSO) for your domain. Authentication settings can be configured to meet your organization’s requirements. Additional settings include:

1. Do not allow users to sign in with Google or Facebook

Allow users to sign in with Google: Disable
Allow users to sign in with Facebook: Disable

IM Management

2. Do not allow users to take and send screenshots in direct messages or group conversations

Screen capture: Disable

3. Do not allow users to send files in direct messages or group conversations

File transfer: Disable

4. Enable end-to-end chat encryption and enforce globally

This will encrypt all messages and files while being transmitted and when they are stored.

Enable end-to-end chat encryption: Enable

5. Disable the ability for messages and files to be stored in the cloud

Cloud storage: Disable