Zoom is one of the most popular services for video conferencing. In this article, we will show what options are available to make the web service secure. For this purpose, users and administrators of the environment can optimize settings.
First of all, users should be aware that there can be no perfect protection of data in Zoom. Zoom is a web service and a US company. Therefore, all data uploaded to the cloud is initially at risk. For this reason, users should be careful about particularly sensitive data if it is to be used in Zoom.
It is quite possible that not all settings are set correctly in an environment. Even with proper settings, data may not be one hundred percent secure. When using Zoom, the latest client should always be used if possible. This is available at https://zoom.us/download. If a client is already installed, users should regularly check whether the version is up-to-date. This can be started via the “Check for updates” menu item, which is available via the user icon in the Zoom client.
Schedule secure meetings with waiting room
Zoom’s security already starts when scheduling a new meeting. Here, a secure password should always be used in “Security”. This ensures that no unauthorized people can gain access.
When scheduling a new meeting, it is also important to enable the “Waiting Room” option. This ensures that all new attendees are only allowed into the waiting room initially. The meeting scheduler and authorized people must then move the participants from the waiting room into the meeting. This gives unauthorized people virtually no access to a meeting.
Control security in meetings
Once a meeting is started, the “Security” section is available to the meeting planner at the bottom. Here, features can be enabled in the meeting, such as using chat, sharing the screen, and starting video broadcasts. Generally, who can share the screen of a meeting can also be controlled in the settings of the profile used to create a Zoom meeting. To protect users from accidentally sharing the screen, the “Host only” option can be set in “Screen sharing” in Zoom’s web settings.
The “Lock Meeting” option is used to specify that no additional participants will be accepted. This can be used to prevent unauthorized participants from connecting when all necessary participants are already connected.
User management in Zoom
Companies that rely on Zoom more frequently should plan to use the Pro edition. Starting with this edition, Zoom also includes user management. This allows you to control permissions and secure which users are allowed to attend a meeting. In “Role administration” it is again possible to control which rights a user should have in Zoom subscription.
Use two-factor authentication
As soon as it comes to the security of user accounts on the Internet, if possible, two-step authentication also multi-factor authentication should play an important role. In Zoom, via the settings of the web portal at “Log in”, each user can activate two-factor authentication himself via the menu item “Two-step authentication”.
After entering the password, users can decide for themselves whether the second code should come from an authentication app such as Microsoft Authenticator or Google Authenticator. Sending an SMS is also possible. When setting up two-step authentication, users also end up with 12 one-time codes that can be used if the user does not have access to the Authenticator app or a cell phone to deliver the SMS.
When booking Zoom starting with the Pro edition, settings are also available in the subscription settings to generally default Two-Step Authentication in the subscription. Users must then decide whether the second sign-in step should be done via an Authenticator app or via SMS.
Protect meetings with logins
In the profile settings of Zoom user accounts, important security options are available via the “Security” menu item. The “Only authorized users can join meeting” menu item can be used to control that only users with a Zoom account are allowed to join meetings, even in the free edition of Zoom.
The option “Mute all participants when they join the meeting” can be used to prevent new participants from disrupting the meeting or unauthorized participants from gaining access. This is another protection, in addition to password protection and the waiting room, that ensures that only authorized participants are allowed.
Controlling file transfers
The File Transfer option can be used to specify which file types participants are allowed to send in chats. This can be used, for example, to prevent participants from sharing documents with each other. Only file extensions that are entered are allowed by Zoom in the chats. Chats can be completely disabled via the “Private chat” option.
Customize Zoom data center
Users who use a paid subscription of Zoom can select the desired data center in the settings at “In Meeting\Advanced” option “Select data center regions for meetings hosted by your account”. European data centers should be used here if possible.