One of the hidden keys to an engaging virtual meeting is security. Security includes the challenges of securing your meeting data, especially if it is confidential or sensitive to the phenomenon of Zoombombing,1 which is the unwanted intrusion into a videoconference call by an individual or group, causing disruption. There's nothing more disengaging than having a company secret stolen or having unwanted visitors during your meeting.
Your meetings will be much more secure than most Zoom meetings if you incorporate these three practices: (1) Use a password to protect and enable access to your meeting; (2) Do not post the link on social media; and (3) Enable the “Waiting Room” feature and dedicate a person to let invited people into your meeting.
Look up guides and articles on the best security practices for your virtual meeting platform.2,3 Many of your settings may be set by your company as part of their IT security policies. If features such as Turn Screen Sharing Off or the Waiting Room are not available, ask your IT department if they can be turned on for your meeting. If the content of your meeting is confidential and requires a high level of security, you should research all of the security features available for the platform you are using. Then, use any and all security features possible!
Here is an example of my first Zoombomber. Unfortunately, they were able to share their screen and audio with my meeting attendees. I quickly regained control by taking back control of the shared screen and removing the user: bit.ly/evmzoombomb.
To help facilitators avoid this issue, I created a master class in Zoombombing. In this class, we used a variety of techniques, including disabling the “share screen” feature.
However, we let in all of the attendees in the waiting room at once. This is not recommended! We fended off over a dozen Zoombombers. Warning: strong language is in this video: bit.ly/evmzoombombmc.
In the beginning, many Zoom users were just concerned with attendees getting into their virtual meetings. Many changed their Zoom meeting ID to their phone number. They published their link to the meeting widely if they were advertising an open class. It worked, as many people were able to join the class easily. During the 2020 coronavirus pandemic, over 340 million people moved online and started to create new problems. Uninvited and disturbing visitors started showing up at virtual meetings. Security suddenly became a top issue and the first security measure is to protect your virtual meeting with a password.
To require a password for your Personal Meeting ID:
Turn on “Require a password for Personal Meeting ID (PMI).”
To require a password when scheduling new meetings:
You can make it easier while making it secure. You can customize the meeting ID of your personal meeting room; a clever, but not as secure, trick is to use your phone number.
You can customize your password for your Personal Meeting ID to something related to you or your business.
You can create an easier-to-type link after you create a secure link. When you get the link to your meeting ID with the password associated with it, it might look like something like this:
This makes it secure, but difficult to type in.
To make it easier to join your meetings, buy a new URL like http://zoomwithjohn.com or create a redirection4 from a page on your website to your Zoom link. A good example link is http://company.com/zoom. Remember, every time you share this link it could become not secure if someone shares it inappropriately.
To keep your Personal Meeting ID link safe, create a new meeting link if you host a large public meeting. You can advertise this link on more marketing resources like social media. Like a burner phone or a cheap phone, you use your meeting ID once and then dispose of your meeting code after the meeting, so if you do encounter trouble, a future meeting won't be interrupted.
Microsoft Teams automatically generates passwords for all of their meetings and does much of their security as part of their overall network security. This means you need to be logged in to your company account to get access to your virtual meetings. Also, most of the security is taken care of for you by logging in to your company account.
While passwords may make it harder to get into a meeting, using them increases your virtual meeting security. To show what you, as the host, need to provide to an attendee, Bonnie Lackey, president of Lackey Sound and Light, Inc., sums up what she needs in a meeting confirmation:
A common Zoombombing strategy is to use screen sharing to take over the screen and show inappropriate videos, pictures, or text. You can turn this feature off by default and then enable it only when you know you have trusted attendees in your meeting.
To turn off screen sharing for all meetings:
In a meeting, if you want an attendee to be able to share their screen:
For additional security and to prevent Zoombombing later in your meeting, you can turn this option back to “Only Host” after your attendee shares their screen.
If you have an open public event, I strongly recommend using the waiting room and assigning one person to admitting people in. It's like the velvet rope outside a nightclub, with your assigned bouncer carefully monitoring who gets let in.
To turn on the waiting room for your Personal Meeting ID:
To turn on the waiting room for all of your meetings:
You can customize the title, logo, and description of your waiting room. This is another place where you can customize your virtual meeting platform. Use this branding opportunity to further improve your company image or add a marketing opportunity. Here is an example of our waiting room.
The value of your waiting room comes when you start your meeting. As the host, you are in charge of the waiting room. I suggest you train someone to be your co-host and handle the waiting room.
To admit an attendee who is waiting in the waiting room:
If you recognize everyone in the waiting room, you can reduce their waiting time by clicking “Admit all.”
If you are still getting ready or if you're not ready to admit attendees to your meeting, you can send them a message to let them know you are getting ready for their meeting:
Your message will look like this to an attendee in the waiting room:
By default, the waiting room is turned on for new meetings. When you log in, click “Participants” and at the top will be a list of people waiting to be admitted. Just click the button to let them in. If you delegate this role to someone else, just wait for them to log in, click “Participants,” and click “Make Co-Host” next to their name.
You can send messages by chat to the waiting room, but unfortunately, attendees can't reply. You can turn this feature on using the Security button in the toolbar if you find you need it during a meeting.
Microsoft Teams has a Lobby, which is the holding place for their meeting.
To turn on the “Lobby”:
Using the waiting room takes practice if you do not know all of the people coming in. I suggest practicing with others before the meeting. One suggestion is to have people log in up to 30 minutes early so you can take more time to let people in. You can let people you know in more quickly. If you have one or more people you don't know, you can let them in one at a time, and you or someone else can watch that person and mute them or remove them if they don't belong in your meeting.
One way to further protect your meeting is through registration. This means that attendees need to register information, including their email, before getting a link to the meeting. You can also decide whether you want automatic approval or manual approval so you can approve each person who registered and deny people you are not expecting.
You can add branding, such as a banner and a logo, to your registration page.
See https://support.zoom.us/hc/en-us/articles/211579443-Registration-for-Meetings for how Zoom's registration works.
Are you discussing private or sensitive information? Do you want to make sure that you are not disturbed by new attendees entering your meeting? Do you want your meeting to be behind closed and locked doors?
Then you can lock your meeting. This prevents anyone from joining the meeting, even if they have the meeting ID and password.
To lock your meeting:
You can use the “Lock Meeting” security feature in combination with “Remove” to ensure that an unwanted attendee can't get back in. You can turn this off if you are ready to have other attendees join the meeting, such as if you are done discussing confidential information.
Chat is the second most engaging tool in virtual meetings, but sometimes you may want to turn it off. Perhaps you have a speaker who wants no distractions. Maybe you have a security concern. Maybe your attendees are not having a productive conversation on chat or maybe they are chatting inappropriate messages. These are times that turning off chat will make your meeting more productive.
To turn off chat:
This will turn off chat for all attendees in your meeting. You can turn it back on at a later part of your meeting. Learning how to control chat will help your meetings stay on task.
You can add more security by preventing attendees from trading files through chat by file transfer. I prefer to leave this feature on, as attendees have sent useful graphics and pictures to each other through chat. Some Zoombombers use the file transfer to send inappropriate pictures and files, so you may want to turn file transfer off before or during the meeting.
To turn off secure file transfer:
How important is virtual meeting security? It's more important than you may think. A 2014 Forrester report found that trade secrets are shared in as many as 1 in 5 online meetings. That is potentially millions of meetings where valuable information could be compromised.
While Zoombombings are cretinous, they are nowhere near as nefarious as someone tuning in to your call and simply taking notes. One hacker who joins a random meeting at the right time might be able to gain leverage against that organization.
Using the right combination of security to protect your meetings will keep your meetings productive while preventing losses to your company's important assets.