Is Zoom safe to use?
We’ve heard that question a lot over the last couple of weeks from clients who are using the web conferencing while working from home.
So we looked into it.
The bottom line: We believe it’s OK to use Zoom, if you take certain steps to secure the system.
Any technology you use has some risk. The goal is to mitigate the risk as much as possible and practical.
Here’s what we recommend:
- If hosting meetings, activate the “waiting room.”
- Password-protect meetings you host.
- Never publish a zoom meeting ID online.
- If you have a personal (re-usable) meeting ID, don’t use that ID for public meetings.
Let’s dive deeper into each tip:
Use Zoom’s Waiting Room Feature
“Zoom-bombing” is now a thing. Uninvited guests have crashed Zoom conferences and have, in some cases, disrupted the conference with hateful outbursts. Even if zoom-bombers sit quietly without disrupting your meeting, you don’t want uninvited guests to eavesdrop on your conference. You can enable Zoom to require attendees to enter a “waiting room” before they can join a conference. The meeting organizer must allow the waiting attendee to enter.
Navigating Zoom settings is a bit like stumbling through a corn maze. So we’re shared this video from Zoom’s site that guides you through it.
Password-Protect Your Zoom Meetings
When you create a new meeting, you can designate whether attendees will need a password to enter. We recommend you password-protect your meetings. Note: If you create an email or calendar invitation for your meeting, Zoom will append that password to the link. That makes it easier for an attendee to enter the meeting with one-click (the password is automatically entered when that link gets clicked). If you want to be extra secure, you can remove that password from the link you share. But, that’s probably not necessary — especially if you also enable waiting room.
Never Publish a Meeting ID Online
If you’re hosting a public event, ask people to RSVP by emailing you or filling out a registration form (Zoom has that feature built in). Do not post the link to the Zoom conference on your website, social media, email signature or any other place a stranger might see it. That’s the quickest way to enable uninvited strangers to show up. And that’s big trouble if you haven’t taken the two steps above.
Use Your Personal ID for Only People You Know
If you have a paid account, Zoom has given you a “personal ID” that you can use over and over when you host/launch meetings. This is a big time-saver. But it’s a security risk. Only use that personal ID when you’re hosting a meeting with someone you know and trust.
These are not the only security issues that have surfaced regarding Zoom. But if you take these steps, you will avoid the most common problems people have encountered.
For more information and tips, Zoom has published a great security guide here:
How to Recognize and Avoid Phishing Scams