Using Zoom Securely

Author: Craig Pollack Date: Apr 07, 2020 Topics: Remote Access, Best Practices, Cybersecurity

As many of our calls and meetings have transitioned to online, it's important to quickly learn best practices for using the virtual meeting platform Zoom. Be an informed and empowered meeting host and take precautions to address the inherent vulnerabilities currently within Zoom. This will ensure the content of your meetings as well as your attendees, remains secure and safeguarded against disruptions.

Much like the previously unknown term "social distancing", Zoombombing is the latest term we've come to accept. Zoombombing is a recent phenomenon used to describe interruptions and misconduct by uninvited participants who aim to create disruptions during Zoom meetings, courses, or webinars. Often this is accomplished by using Zoom’s screen sharing feature to take control of what's displayed.

To get a head of this, you have to take a couple of precautions when you first setup your meeting as well change a few things you do during your meetings. Here's a quick rundown of the Zoom security settings to be aware of...

added security settings for zoom

Require authentication to join – If the meeting is internal, restrict access to authenticated users. If your meeting will include external collaborators, do not use this option and enable a password instead.

Require a meeting password - Set a password for your guests to enter. Good increase in security. Also, doing this doesn't make it any more difficult for your attendees as the password will be embedded in the link you share with them.

Use the waiting room - Control when your guests are admitted to the meeting. This feature allows you to monitor who is getting let into your meeting.

Using Personal Meeting ID – Your Personal Meeting Room is always accessible with the same Meeting ID and personal link. So, it's NOT recommended to use this for back-to-back meetings or with people you do not meet with regularly. Once a participant has the link to your PMI, they can join any meeting you're having at any time, unless you lock the meeting or use the Waiting Room feature to admit participants individually.

recommended guidelines

The following tips are step-by-step instructions that provide important information to quickly and easily guard against Zoombombing:

1. Control Screen Sharing

Screen sharing is an important tool in online meetings. As a host, be sure you know how to adjust settings during or in preparation for a meeting. The default sharing setting has been set for "Host Only" which gives hosts sole permission to share content within their meetings. Learn more on how to adjust default share settings →

To adjust share settings during a meeting: 

  1. Use the host controls, click the arrow next to Share Screen
  2. Select Advanced Sharing Options.
  3. Use the options to specify who can share and when they can share. 

Use the advanced sharing options to control who can share their screen and when.

2. Lock Your Meeting

Note, if you lock your meeting, no new participants can join (even if they have a meeting ID and the password – if you have required one). To lock the meeting:

  1. Click Manage Participants
  2. Use the More dropdown to open additional options
  3. Select Lock meeting

Lock Zoom meetings using the manage participants options

3. Remove Participants

If an uninvited individual has joined your meeting, you can remove them from the Participants window. Locate their name in the Participants window, click the option for More > and select Remove.

In an uninvited individual has joined your meeting, you can remove them from the Participants window


These are three easy ways to increase the security of your Zoom meetings and limit the possibility of Zoombombing.

To better understand and stay current with the ongoing changes Zoom is making around securing their platform, here are some additional resources:

Are you using Zoom? How have you secured your meetings? Please share your thoughts in the Comment box below or shoot me an email if you'd like to chat about this in more detail.

Free Technology Review Call

Subscribe here to get our "2 Minute Tuesday" email for valuable tips & tricks!


Craig Pollack

Craig Pollack

Craig is the Founder & CEO of FPA Technology Services, Inc. Craig provides the strategy and direction for FPA, ensuring its clients, business owners, and key decision makers leverage technology as efficiently and effectively as possible. With over 30 years of experience building the preeminent IT Service Provider in the Southern California area, Craig is one of the area’s leading authorities on how small to mid-sized businesses can best leverage and secure their technology to achieve their business objectives.