How to prevent Zoom bombing
Zoom bombing is a thing now that Zoom has become the go-to service for holding online classes and meetings/conferences. It’s when someone who is not invited to a meeting, joins in and is inappropriate or disruptive. There have been incidents where people have been showing offensive, racially charged imagery among other things. Zoom is hard at work making its streams harder to intrude on but until everything is secure, here are a few things meeting organizers can do to prevent Zoom bombing.
Change password
In an attempt to keep meetings secure, Zoom now adds a password automatically to all new meetings that are created/scheduled. Only participants with the password can the meeting. The password is a simple numeric code so it’s a good idea to change it to something unique and to use a different password for each meeting.
Make sure the passwords you use are not created on any sort of pattern e.g., don’t start going through the list of your favorite characters from a TV show.
Communicating passwords
It might be convenient to send passwords with the invitation yo a meeting but participants you send the invite and password to might unknowing share it e.g., in screenshots. It’s a good idea to withhold a password until it’s time for the meeting to start. This is obviously far less convenient but it may help avoid disruptions later on.
Screen participants
This again means more work for meeting organizers but it can help in the long run. Make sure you screen the participants that join the meeting before you allow them in. By default, Zoom has enabled Waiting rooms for all meetings but it might be hard to check every single participant. You can have participants add something to their names each time they join e.g. their university registration code. This will allow you to screen them more easily. Advise participants to use their real names and not aliases or random nicks.
It can also help to have participants RSVP if they will be attending a meeting so that you know what the total number of participants will be. There is also an option to ‘Lock Meetings’ that will prevent more people from joining once the meeting is locked. This is useful but counterproductive if your participants are struggling to come online on time e.g., students who work. Use your best judgment with this feature.
Keep it secret. Keep it safe.
Encourage all participants to keep everything about a meeting secret. Don’t share links to a meeting on Facebook groups or chat groups. Again, this adds a layer of inconvenience since posting a link in one place makes it easier to communicate en-masse. In that case, you can create a WhatsApp group where only the admin is allowed to post and add people who will be attending meetings regularly. Share links in the group and caution everyone from sharing it outside the group.
Try to be the central source of information for a meeting link so that other participants don’t end up asking others for it, who might share them over an unsecured channel.
Go on the offensive
If despite everything, your meetings are being bombed you probably have a mole on your hands and you need to figure out who it is. Depending on the number of participants you expect, break them down into smaller groups and invite them to different meetings. Check which of those meetings are bombed and you might be able to figure out who is leaking the information.
