Be careful with those Zoom passwords
It was a delight to facilitate the Incentive Awards 2020 last week - and with my association and company colleagues we really got great things out of zoom. I posted an image of me in the 'nerve centre' and eagle eyed Christoph Burgdorfer spotted some zoom passwords on the white board. They've expired now but it's so easy to do. So now it's just people who are insecure as zoom has plugged a lot of gaps in its security since the advent of zoom bombing. Here are some points I shared with a non-profit today to help things secure:
1. When publicising public or private events not publish the Zoom ID and/or password on a public site
2. Use an appointment booking site for delegates - zoom webinar, eventbrite or calendly and set it up so that delegates only see the meeting credentials once they have registered. This stops bots trawling websites to find your meeting credentials.
2. You should review registration lists ahead of any meeting to check that people are bona fide.
3. If you have any doubts a delegate's identity - change the password, and inform the other participants.
4. When you hold a meeting create a unique new meeting for each meeting this means if people have been careless with a link in the past it does not effect your new meeting. Calendly when integrated with Zoom will set up a unique ID each time, as will eventbrite.
5. Screen sharing by participants is disabled by default now with zoom, this stops unwanted contributors of content.
6. Passwords are required now for all zoom meetings automatically so do not disable this.
7. Participants are required now to join a waiting room automatically so do not disable this.
8. Zoom is now very secure - it is carelessness with meetings credential that creates the issues now
Please share back your tips and experiences.