Tips for Security with Web Conferencing Apps like Zoom

Web conferencing apps like Zoom, GoToMeeting, WebEx, Microsoft Teams, etc. have become a lifeline for all of us as we stay at home and do our best to “flatten the curve” (slow and/or stop the spread of the COVID-19). They enable us to work remotely and stay in social contact while maintaining a safe distance.

As with any internet communication, security is a concern that needs to be addressed, especially for the work we all do. Just as you wouldn’t open the door and let any member of the public into a deposition room, you obviously don’t want to permit uninvited guests to show up at your remote depo!

You may have read the phrase Zoombombing recently: there have been incidents reported where uninvited attendees to Zoom meetings have disrupted meetings and distance education sessions by using the Screen Share and Chat tools to post unwanted content. That’s a nerve-wracking concept: in our field, we deal with highly confidential information and we need to have as close as possible to an ironclad guarantee that no one will be able to access a private session!

Fortunately, there are some very simple things that web conference meeting app-users (and users of Zoom in particular) can do to ensure that their sessions are more secure:

First and foremost, all parties should be advised to use the most current update of the web conference application to ensure that they have the most current security updates. Before joining a meeting, all participants should open the web conference app and check for updates.  In the Zoom application, you can click your User ID in the upper right corner of the Zoom dialog box and then select Check for Updates from the drop-down menu.

Second, whomever schedules (hosts) the meeting should take advantage of the available security features:

  • Password protecting entry to the meeting and communicating that password separately from any email providing the link.
  • Do not post a link in a public space. (Zoombombers search for URLs that include zoom.us to look for unprotected links for meetings they can jump into.)
  • Don’t use a “Personal Meeting ID.” Because it is used repeatedly, it is easier to hack. Instead, use the unique, per-meeting IDs which are exclusive to individual, single meetings.
  • Enable the “Waiting Room” feature and require each participant to be confirmed by the host before being allowed to enter the meeting room.
  • Once all of the participants have arrived, the meeting can be locked; to prevent anyone else from joining the meeting after that time.
  • There is also the ability to lock down or limit the Chat and Screen Share features, however, these may derail the process of seeing exhibits. If security concerns are such that only a host should have the ability to access the screen sharing feature, then it might be practical to hire an impartial third party (other than the reporter; perhaps a representative from the reporting agency) to handle meeting security and the exhibits.

If you have any clients who want to move forward with a proceeding, but are holding off because of app security concerns, they can be directed to the web conference app sites for additional information about their security measures, privacy policies and app features that help protect the proceedings.

Share this post