Zoom Security: The 18 Best Tips to Secure Your Chats

Abeerah Hashim  - Security Expert
Last updated: July 30, 2024
Read time: 13 minutes Disclosure
Share

Wondering how to ensure Zoom security for your business and other communications? Check out these tips to secure your Zoom chats and meetings without hassle.

Zoom has existed since 2011 and has gained traction recently as it helps people communicate via online meetings. Yet, this facility also drew the attention of criminals who tried every possible trick to barge into users’ private meetings.

Zoom-Circle-Logo

Thus, today, you inevitably need to secure your Zoom Chats if you really want to protect your online business communications.

This guide will teach you how to adjust your Zoom settings for secure communications and provide other Zoom security tips to maintain your privacy during meetings.

Essential Zoom security tips – the quick list

Is Zoom Safe?

Is Zoom Safe?

After Coronavirus hit the world in 2020, Zoom saw a steady increase in users, reaching an all-time high of 2 million in just 3 months. However, despite its remarkable success, the company has had various privacy and security concerns. 

Here are some security and privacy issues associated with Zoom. 

  1. Despite Zoom’s assertion that it uses AES 256 encryption, end-to-end encryption is only available optionally for Zoom meetings. Also, activating E2E in Meetings limits some features.
  2. Due to the way, Zoom handles personal information, there have been cases of thousands of email addresses being exposed through the Zoom app. Using the same domain when registering for the service adds the home address to Zoom’s directory, making it possible for anyone with the same domain to call anyone on the list.
  3. Users who register with a non-standard email domain are affected by the problem (This excludes Yahoo, Gmail, Hotmail, etc.).
  4. Using pre-installation scripts, the Zoom macOS program installs using a malware-prone method. If the macOS user is not a system administrator, the software creates an admin login and password prompt to access the root directory, granting Zoom complete control over your device.
  5. According to allegations, Zoom gave users information to several businesses, including Facebook. Zoom iOS app transmitted alerts such as user device, service provider, and profile to Facebook. However, the company corrected this glitch after a user presented a case in a federal court in California.
  6. Trolls can enter a Zoom conference and publish explicit content if the user hasn’t created a strong enough (or any!) password to keep it secure. This type of assault is known as “Zoombombing.”

Security and privacy issues are the tip of the iceberg. However, there are ways that you can secure your Zoom chats.

Tips to secure your Zoom chats – Detailed analysis

Zoom security tips

Now that you are reading this section, you know about Zoom security issues. And you’re keen to find ways to eliminate them all.

Does it require any specific tips to protect Zoom Meetings? We hear you ask!

Well, it doesn’t demand any technical skills from you. Nor does it need any particular efforts regarding configuration things.

All it takes is a vigilant focus on some basic privacy practices, regardless of whether your Zoom Meetings include sensitive discussions or not.

So, let’s get started with the common Zoom security tips to protect your chats.

1. Never use personal emails to create Zoom accounts

Since Zoom is meant to serve workgroups, it essentially facilitates networking, which may sometimes become awkward. One such unwanted feature is the disclosure of users’ email addresses to others.

That’s why the first thing you should remember when beginning to use Zoom is to never use your personal email address to sign-up. That’s because Zoom considers most email addresses, except the more common ones like yahoo.com and gmail.com, as work emails. It perceives such email addresses as belonging to the same company. And thus, it exposes this contact detail to the other members in a Zoom group.

Ideally, when using Zoom to communicate with your colleagues or teammates, you should use your work email address. This way, you won’t compromise your privacy on Zoom since the participants already know your work email address.

If that’s something you can’t do, use an email address you’re comfortable sharing with others anyway.

Or, try burner email addresses for that purpose if the above-mentioned workarounds don’t suit you.


2. Secure your account with 2FA

Like always, protecting your Zoom account is the key to getting Zoom security right. For this, you need a unique and robust password.

You can use a good free password generator tool to have a unique, difficult-to-break password for your Zoom account. Or, you may use the dedicated password manager tools to generate as well as save it for you.

Precisely, what’s important here is to set up a password that you don’t use anywhere else, is not easy to guess, and remains unshared with anyone.

Once done, you should apply an extra security layer to your account login via two-factor authentication.

Fortunately, Zoom introduced two-factor authentication in September 2020 for all users. Thus, you now have a dedicated setting available in your Zoom client to protect your Zoom Meetings.


3. Secure your Zoom Meetings with a passcode

Another way to secure your Zoom meeting chat annotation is to set up a passcode for every Zoom Meeting. Whenever someone tries to join the meeting it will require a passcode to join.

Thankfully, Zoom offers this feature by default to all users. Thus, you can easily protect your Meetings right when planning one. You can share this passcode with others (via secure means) to let them join the meeting. This will prevent snoopers and perpetrators from barging in even if they get to know the Meeting link.

Nonetheless, make sure to protect this passcode as best as you can. The entire effort of protecting your Meeting with a passcode will go in vain if this passcode gets exposed.

As a safety practice, try not to share the passcode with others at the same time you share the Meeting URL. If possible, use different apps to minimize further the chances of accidental exposure of this detail to cybercriminals.


4. Set up random Meeting IDs

The next thing to improve security on Zoom Meetings is to set up a random Meeting ID.

However, you may not like this idea because remembering random Meeting IDs sounds difficult. However, they add to your security.

In simple words, a random Meeting ID, if leaked, won’t risk your future Meetings. However, despite being convenient, a personal Meeting ID pmi poses a risk if it ever attracts the attention of a snooper.


A basic problem, for now, with Zoom Meetings is that you need to share the Meeting links with others to let them join. Since this link is the main source through which users would participate, you must ensure sharing it safely.

For this, the first thing you should do to secure your Zoom chats is to never use social media for it. Instead, you may share this link with your work email or secure messaging apps like Signal.

But what if I’m going to use Zoom for a public event? We hear you ask!

Well, you might have to rely on social media in that case. You may share the Zoom Meeting link on your Facebook profile or page/group. (We don’t recommend it due to the underlying privacy risks.)

But you can apply the Zoom safety tips that we will explain below to prevent unsolicited users from barging in. Also, you can apply passcodes to your Meetings. But make sure you keep these passcodes safe.

For example, you can make it a requirement for every user interested in joining the event to ask for the passcode personally from you. In that case, you can switch to Messenger for one-to-one chats to share the code. That will also help you keep a log of who and how many users will be there in your Meeting.


6. Apply strict authenticated access to Meetings

The next important thing to secure your Zoom chats is to limit access to authenticated users only. This will automatically prevent anyone from attempting to join the meeting you haven’t authorized.

You can find this setting under the “Schedule Meeting” settings. Simply enable the “Only authenticated users can join meetings” option. You can then control who should join the meeting. At the same time, the setting restricts users from joining unless they sign in to Zoom via an email address registered with you.


7. Be careful about screen-sharing

Screen-sharing is a great feature in Zoom that has made it a favorite app among the business community. Participants sharing their screen in a meeting during calls to let others view the information they want to share. This is particularly useful for sharing presentations, worksheets, and quick demo videos.

However, the same feature went under attack during the Zoombombing incidents.

So, if you don’t want to experience that misery of watching weird, unsolicited videos, you better limit this feature.

You can adjust screen-sharing settings when setting up the Zoom Meeting. You can either limit it to the meeting host if you find the need to share your screen during the meeting. Or, you may choose other options, but make sure that you really need it before turning this option on.


8. Enable ‘Waiting Room’ for Zoom Meetings

Moving further with the best practices for secure Zoom meetings, the next recommendation is about enabling the “Waiting Room.”

Zoom launched this feature to give the host more control over the meeting participants.

With an active “Waiting Room,” users can click on the link and wait for you to approve before joining in. Thus, even if you arrive late to the meeting, you don’t have to face any strangers there. You can simply review the list and approve each user individually.

Following the Zoombombings fiasco, Zoom has enabled this feature by default. So, you don’t have to worry about meddling with this setting unless you intentionally turned it off earlier.


9. Disable file sharing

The next in our Zoom security tips is to disable file sharing.

Now, why’s that important? We hear you ask!

Well, sharing malicious files is a key way to spread malware. If a perpetrator gatecrashes into your meeting and starts sharing malicious files, it’ll cause great damage to the users by the time you control the perpetrator’s access.

So, why not prevent these attacks in the first place by turning off this feature?


10. Disable the “Join before host” feature

Toggle off the “Join before host feature” to ensure no participants join the meeting before the meeting host.

To disable the feature, sign in via Zoom web portal> Account management> Account settings> Meeting tab> Toggle off the feature.


11. Disable “Allow removed participants to rejoin”

Hosts might sometimes remove certain participants from Zoom meetings for various reasons. Ensuring that such users don’t find their way into the meeting again is paramount, and that’s why you should disable the “Allowed removed participants to rejoin” feature. 

Go to Zoom web portal> Click settings> Click Meeting tab> In-Meeting (Basic)> Disable “allow removed participants to rejoin” to trigger the feature


12. Restrict session recording

Another thing against which you need to secure your Zoom meeting chat annotation is session recording.

Though, it’s a great feature. However, if fallen into the wrong hands, this may pose a serious security threat to you and all other Meeting participants.

You can find this option when using the Zoom web app. Unfortunately, the Zoom client apps often lack this setting. So, if you wish to disable this setting, switch to the web app. (It’s also useful for your own privacy. We’ll discuss it in detail below.)

However, keep in mind that disabling or restricting session or local recording merely controls the Zoom app setting. You can’t control if someone starts using a third-party service or other means to sneakily record the session. Hence, the risk, although minimal, continues to exist.


13. Disable Attention Tracking

This one may sound much more important to the Meeting participants than the hosts. Also, this is more related to your privacy on Zoom than securing Zoom chats.

Zoom’s Attention Tracking feature allows users to see if someone isn’t really focused on the meeting. Obviously, you can’t read someone’s mind or eyes. But you can track whether the other person has your Zoom screen in focus during active sessions via an indicator.

While that’s seemingly okay, of course, it’s a privacy breach unless absolutely necessary, like if the host has made it a must.

So, to secure your Zoom chats without compromising your personal privacy, you should turn them off.

However, for this, you need to use the Zoom web app. You can’t control these settings via native clients.


14. Prefer Zoom web app instead of client apps

We have just listed some tips to secure Zoom chats that are typically available in the web app. So that’s a basic reason why we urge you again to use the web app.

Besides, Zoom’s client apps usually exhibit glitches and security vulnerabilities regardless of the platforms they support.

For instance, during the last year, Zoom fixed multiple bugs at different times. The latest is a patch for a screen-sharing glitch that exposed sensitive data.

Plus, Zoom hasn’t conducted robust security audits to back its security measures. For now, it’s unclear whether and how they collect and share users’ data with third parties.

With client apps, the developers often get vast control of users’ devices compared to the web apps where a user has more authority.

Therefore, to use the features exclusively available in the web app, avoid potential exploitation due to bugs, and keep your data secure, we advise you to stick to the web app to your best.


15. Never post about Zoom Meeting details on social media

While Zoom had been in use for years, it was only in 2020 (after the COVID-19 pandemic) that people started sharing screenshots of Zoom meetings on social media.

We do appreciate this gesture to promote the work-from-home trend. However, things started getting wrong as this practice exposed sensitive details to every good or bad internet user.

While you can’t correct past mistakes. Yet, you can certainly secure your Zoom chats in the future from Zoombombings and other threats.

All you should do is never ever share any details of your Zoom Meetings, especially screenshots, and meeting links on social media platforms like Facebook and Twitter.

Today, working online has become a global trend. So, you really don’t need to display your work efficiency to others. Nor do you have to persuade others to follow the trend by posting such things on social media.


16. Be wary of fake Zoom apps

Criminal hackers never miss any trend to exploit to target people. Continuing with the same, they started deploying fake apps impersonating popular video conferencing services such as Zoom, Webex, and more.

Because of their identical names and app layouts, these apps trick users into downloading them. Meanwhile, the users indirectly fall prey to malware and other cyber attacks.

Therefore, make sure to download the verified Zoom apps only from the Google Play Store or the Apple App Store. You can also find genuine links to these apps through Zoom’s website.


17. Use the latest Zoom app version

Ensure that you regularly update your Zoom application. Using the latest app version comes with various benefits. For instance, new Zoom app releases have bug fixes previously reported by users. In addition, the latest app version has added functionality and improved security features.


18. Take care of personal privacy

Last but not least, the most important thing among all Zoom security tips is protecting your personal privacy.

Frequently, you need to use Zoom at home for online meetings. Therefore, keep your surroundings as clean as possible from your personal stuff. You don’t want to let others know you have bought a new wardrobe or have changed your bedroom settings.

Besides, you don’t want Zoom itself to collect your data unnecessarily. Thus, try to adjust the settings in a way that allows minimal data exposure to the app as well as to others.


Try a Zoom alternative to protect your privacy 

Online safety tips

Although Zoom claims to have learned from its mistakes and is implementing new improvements, users still have concerns over its privacy and security. 

Many options are available if you are searching for an alternative to the popular conference call software Zoom. These alternatives offer a range of security and privacy features that differ from Zoom. Some of these alternatives include FaceTime and Skype.

FaceTime uses end-to-end encryption and can accommodate up to 32 participants. However, you must use an iOS device to access the service. Likewise, Skype can accommodate 50 callers in one session. However, despite its annoying connection that keeps dropping, the service offers better security and privacy using end-to-end encryption and other security features unavailable on Zoom.

FAQs

While Zoom has improved considerably regarding security, the app still lacks enough evidence of safety. Also, the back-to-back bugs and the growing interest of criminal hackers in this app make you vulnerable to cyberattacks.

To be precise, you not only risk yourself to attacks via bug exploits, Zoombombings, unnecessary tracking, or even the accidental exposure of your sensitive details publicly, such as the Zoom Meeting IDs. While the app is undergoing improvisations, you can’t trust it for sensitive business discussions.

Besides the security and privacy issues, using Zoom has its cons too. These include high subscription costs, lack of control over commenting, unstable video quality, and inconsistent file storage. That adds to your effort. Before investing in this app, you must be sure of its usefulness for your business in the long run.

Share this article

About the Author

Abeerah Hashim

Abeerah Hashim

Security Expert
174 Posts

Abeerah is a passionate technology blogger and cybersecurity enthusiast. She yearns to know everything about the latest technology developments. Specifically, she’s crazy about the three C’s; computing, cybersecurity, and communication. When she is not writing, she’s reading about the tech world.

More from Abeerah Hashim

Comments

No comments.