man wearing a headset and gesturing at a computer screen

Staying Secure on Zoom

Zoom has grown hugely since the onset of the pandemic, having already gained traction as a mainstay of remote work. With any online communication platform, there are security risks, and Zoom is no different. But the UCaaS (unified communications as a service) provider has put a significant effort behind its trust and transparency policies. In addition, Zoom has undergone vetting by third-party regulators to ensure that its security features meet the highest standards possible. 

In this post, we'll lay out some risks associated with managing your meetings on Zoom, explain how you can minimize them, and explain what Zoom is doing to make its platform safer.

drawing of a woman and man communicating various kinds of information between computers in separate locations

Security Risks

Just like any online activity, Zoom meetings come with risks. One phenomenon that saw an enormous increase throughout the pandemic is Zoombombing. This refers to the deliberate disruption of Zoom meetings by gaining access to the meeting and flooding it with explicit, discriminatory, or offensive content, until the host is forced to shut the meeting down.

Another security concern associated with meeting over Zoom is the safe storage and sharing of any transcripts or recordings. You should treat these documents as carefully as any other, especially if they contain sensitive or personal information.

How to Secure Your Zoom Meetings

By making full use of the meeting settings on Zoom, you can ensure that only invited guests are able to enter your call.

First, make sure you create a new, unique link for each Zoom meeting rather than using your personal ID. You should share the link and password privately with each attendee and avoid posting them on your website, in social media channels, or on any other public platform. Enable a waiting room for your meeting, which allows you to check and individually admit participants. Limiting access to signed-in users can add an extra buffer, both for protection from Internet trolls and to ensure that any information shared stays between those for whom it is intended.

During the meeting, there are a few things you can do to maintain a high level of security. Limiting permissions for in-meeting chat and sharing files and screens is a great way to ensure that a call is not disrupted, especially in larger or more public meetings. If you lock a meeting after it starts, this will prevent potentially unwanted participants from joining. You can also disable participants' audio and video if there are only certain people who need to be seen or heard. If participants become disruptive or are admitted by mistake, you can remove them from the meeting or send them back to the waiting room if that function is enabled.

Transparency on Zoom

Any online meeting comes with security risks, but learning how to take advantage of the available security features can help you to make them far safer. The Zoom Trust Center is an excellent go-to resource, where you can find a wealth of information about trust and security on Zoom. It includes detailed descriptions of Zoom's security and privacy policies, as well as helpful features that can heighten the privacy of your meetings. All of this is presented in digestible language, allowing you to easily understand the parameters of your meetings' security and what you can do to improve it.

Third-Party Certifications

Evaluations by outside organizations can be a useful benchmark, providing extra evidence of a company's accountability to external security standards. Zoom has recently attained certification for Common Criteria Evaluation Assurance Level 2, a leading benchmark for IT product security.

Other certifications include compliance with a security program defined by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) and expansion of its SOC Type II report.

If your organization handles clients' medical information in any capacity, then it's important to know that the HIPAA-compliant version of Zoom is available at no extra cost. Understanding the HIPAA compliance requirements (PDF), and how they affect each vendor that may come into contact with health information, is absolutely essential.

Anti-Terrorism Efforts

The wide availability of the Zoom platform comes with associated risks, such as the Zoombombing incidents detailed above. Zoom aims to create a culture of trust, safety, and respect, which is why it has expanded its trust and safety initiatives. It has become a member of the Global Internet Forum to Counter Terrorism and Tech Against Terrorism in an effort to collaborate with other companies in the tech industry to combat terrorist activities on its platform.

Putting Safety First

With a little extra thought and preparation, you can make your online meetings safer for your staff, volunteers, and clients. Zoom's Trust Center lays out everything you need to know in digestible terms so that security questions can be easily addressed. By learning more about Zoom's security standards, and implementing your own meeting management policies, you can ensure that your meetings are both productive and secure.

Access Zoom through TechSoup and get a 50 percent discount on a one-year subscription for Zoom Meetings Pro or Business plans as well as selected add-ons.


Find Out More

Top photo: Shutterstock