A year ago, many of us didn’t even know what Zoom was. Today, we couldn’t imagine a world without it and similar virtual meeting tools. While we’ve successfully pivoted in many ways to working from home (WFH), we still have lessons to learn to operate more securely.
The growth of remote web-based meetings has been paralleled by that of a rising threat – Zoom-bombing. Zoom-bombing is the disruptive presence of uninvited and unwanted participants in any online web conference platform. These participants join to vandalize or to interfere with meetings. Consider the following when hosting or joining a virtual meeting to mitigate the risk of falling victim to Zoom-bombing.
Keep yourself and virtual meeting participants safe
Waterloo has a site-license for cloud-hosted WebEx and a limited on-premises installation of Adobe Connect (for a specific set of uses) to provide audio and video conferencing for the its community. Waterloo also uses Microsoft Teams for collaboration, which includes support for online meetings. Though some departments have purchased Zoom or other similar software in the past, the University is expecting to provide and support Zoom centrally starting in the spring 2021 term.
Know your settings
Each product of all virtual meeting platforms offers different settings. However, some settings common to all will help prevent meeting interruptions. Review your settings carefully during meeting creation, and look for availability of the following options:
Require log in
Limit audio and video
Limit screen sharing
Limit chat and questions
Many people are familiar with the free version of Zoom, which is limited in the number of attendees and the maximum length of a meeting. However, the paid version offers many additional features to enhance meetings. The paid solutions offered at Waterloo are also much more powerful than free Zoom. Use the professional level software for all meetings.
All hands on deckThese platforms offer in-meeting features to require attendees to be admitted by a moderator or remove troublesome participants. It is difficult for a presenter to also monitor chat and to deal with problems while trying to present material. Break the different roles involved in the meeting among several people to ensure a good or better experience for both presenters and attendees.
Use the right tool for the job
While all virtual meeting tools can be configured to protect your meetings, some offer optimized versions for different types of on-line gatherings. WebEx, in addition to its Meeting package, offers variants for training and events. These mimic in-person classes, with audience participation limited to audio and chat. Audience participation can be further controlled with chat messages not being displayed until approved by a moderator.
I've been Zoom-bombed! What should I do?
- Try to remove the disruptive attendees from the meeting
- Prevent anyone from joining the meeting to keep the Zoom-bombers from returning
- If necessary, shut the meeting down for all participants
- Preserve all information pertinent to the meeting, including recordings
- Send a description of the events to the IST Security Operations Centre (SOC) at firstname.lastname@example.org and the incident will be investigated
Zoom-bombing is always an annoyance, but at its worst, it can be disruptive and intimidating for all meeting participants. We have the ability, though, to protect ourselves and our colleagues and students by following the advice in this document. Being security-aware can keep you from being a victim.
- IST advisory on using Zoom, https://uwaterloo.ca/information-systems-technology/news/thinking-using-zoom-please-read-message-ist-first
- WebEx documentation site, https://uwaterloo.atlassian.net/wiki/spaces/ISTKB/pages/270565742/WebEx
- Adobe Connect (for select historic group), https://uwaterloo.atlassian.net/wiki/spaces/ISTKB/pages/270565536/Adobe+Connect
- Recommendations and advisories: