Learn to Prevent Zoombombing

Learn to Prevent Zoombombing

Zoom Safety and Privacy:

  • With Covid19 social distancing measures in place, almost all organisations and individuals have turned to webinars and meetings platforms and which is as a way to connect with all and Zoom has been one of the most widely used tool considering the easiness of use of the tool.
  • Zoom tool was built in a model to consider user easiness to use the tool, there are benefits and risks for safety and privacy, accessibility, and organisations’ confidentiality obligations. We must bear in mind that the tool that works for internal meetings or communicating with community partners may not be a tool that is private or safe for communicating confidentially matters.
  • Zoom has video chat for one-to-one or groups and has both free and paid plans. Zoom uses both asymmetric and symmetric algorithms to encrypt the chat session. Cloud Recordings are processed and stored in Zoom's cloud after the meeting has ended. These recordings can be password protected or available only to people in your organization.
  • We are in the midst of Chinese regime aggression on the Indian boarders and its known fact of its Chinese origin and still people are using the tool, which is a matter of concern promoting Chinese products. The above precautionary measures were given considering already subscribed members residing in India.

Zoombombing or Meeting Hijacking:

  • Zoombombing is when bad actors join and hijack a meeting by posting explicit content or trolling the meeting. Zoom-bombings can be traumatising for participants and organisers as many instances of this have included taking over the screen to display hateful, violent, racist content and Anti-India messages are posted.
  • It becomes an issue when a meeting link is shared publicly and there are settings to prevent it from happening. Please make a note with these settings, the public option functionality is not meant for sensitive, private information and disclosures.
  • If possible share the link to a meeting with known participants and do not make it public. Participants should be advised not to share links without approval to minimise the risk of hijackers accessing meetings. The best way to be more secured is that the meeting is conducted with pre registrations only and this is not part of the free plan.
  • If you are using Zoom and sending links publicly, follow the below settings to prevent Zoom bombing.

Zoom Setups to avoid Zoombombing:

  • All of these below options can be found in the Zoom web portal under Settings.
  • Require a password when scheduling new meetings (Schedule Meeting)
    • a) This is mandatory from 19th July 2020
  • Mute participants upon entry (Schedule Meeting)
    • a) Host can control whether participants can unmute themselves.
    • b) Host has ability to individually unmute participants in the meeting.
  • Disable File transfer (Basic Settings)
    • a) This prevents the host and participants from sending files through the in-meeting chat.
  • Control Screen Sharing (Basic Settings)
    • a) Change from All Participants to Host Only. This prevents someone from taking over the screen and displaying their content.
  • Control Chat (Basic Settings)
    • a) Turns off ability for meeting participants to send a message visible to all participants.
  • Prevent removed participants to re-join (Basic Settings)
    • a) Make sure this is not enabled. If the host has to remove someone during the meeting, this prevents them from re-joining.
  • Establish a Waiting Room (In Advanced Settings)
    • a) This allows the host and co-host to monitor and control who is joining the meeting.
    • b) This is mandatory from 19th July 2020
  • Create a unique meeting ID (Schedule Meeting)
  • Report a user as a host (Security)
    • a) Then select the user and fill out the appropriate information detailing why the person is being reported.

Other Considerations of Better Control During the Meeting:

  • Even if you’ve updated your settings and have been cautious with sharing your meeting information, it’s possible that a bad actor gets into your meeting. This is where turning off the screen share function for everyone but the host, disabling file sharing, and even disabling the public chat is critically important. But there are a couple additional things you need to setup to prevent unexpected trolls from taking over.
  • Once a meeting or chat begins, you have the ability to lock the room and prevent anyone else from joining. Under “manage participants,” at the bottom of the screen, choose “more” then “lock room.” This may be challenging if you have people that have to drop off the meeting for a period of time and want to come back.
  • Enable Registrations (With Approval)
    • a) This feature is enable for paid versions only
  • Join before host (Disable)
    • a) Allow participants to join the meeting before the host arrives
  • Mute participants upon entry (Enable)
    • a) Automatically mute all participants when they join the meeting.
  • Private chat (Disable)
    • a) Allow meeting participants to send a private 1:1 message to another participant.
  • Screen sharing (Only by Host)
    • a) Allow host and participants to share their screen or content during meetings.
  • Annotation (Disable)
    • a) Allow host and participants to use annotation tools to add information to shared screens.
  • Remote control (Disable)
    • a) During screen sharing, the person who is sharing can allow others to control the shared content.

Reach us at: support@endnowfoundation.org