5 Ways to Keep Your Zoom Church Meetings Secure
As we continue through this time of social distancing during the COVID-19 pandemic, Christians and local churches are faced with many challenges. One of these challenges is meeting together to edify and equip the Believers, without being physically close, and adhering to the government’s guidelines.
Of course, the solution that is available to us today is video conferencing software. This communication software is being used all around the world for business, personal and recreational purposes.
There are many different applications in this space including Skype, Zoom, and GoToMeeting. Churches are faced with choosing between these applications or live-streaming their services through websites like YouTube or Facebook.
The most popular
By far, Zoom (zoom.us) has seen the greatest uptake in users and usage since the COVID-19 pandemic started. This has been attributed to the ease of joining a meeting. To join a Zoom call, you simply click the provided link and you are quickly connected to the conference call.
You can even use your browser (Chrome is recommended) and avoid downloading the software. According to Eric Yuan, Zoom CEO, in 3 months, Zoom’s daily active users jumped from 10 million to over 200 million. Zoom is being used by political parties, corporate offices, school districts, organizations, and many churches.
Security concerns and risks
As Zoom grew exponentially, privacy concerns also grew. Many experts warned about the security and privacy issues with Zoom. The biggest of these concerns was dubbed “Zoombombing”.
Zoombombing is when an uninvited user joins the meeting by finding the Meeting ID. Once in the meeting, if the settings aren’t correct, the Zoombomber can disrupt the meeting by turning on their video and/or microphone or share their screen. Zoom acted quickly to fix the security concerns by removing some features and implementing a number of new security features into the application.
Making Zoom safe
Many churches have decided to use Zoom because of its simplicity and functionality. If you or your church continue to use Zoom, it is imperative that you (and especially your church) know how to utilize Zoom in a safe and secure way.
To do this, I’ve put together a number of tips and tricks that I’ve learned based on my experience in running the Zoom meetings at my local church as well as years of using this application for personal and business use.
1. Don’t Use Your Personal Meeting ID or Recurring Meetings
Because of the risk of Zoombombing, you want to set up your meeting correctly using a unique Meeting ID and a password. This is the easiest and best thing you can do to avoid Zoombombing and having your meeting disrupted by an uninvited guest.
Every Zoom user has a Personal Meeting ID. The Personal Meeting ID allows users the convenience of quickly generating a meeting or providing a consistent link that doesn’t change. However, because the Personal Meeting ID doesn’t change, the ID can be shared easily and be used by guests to disrupt the meeting. Make sure to use a randomly generated Meeting ID when you create your meeting.
In addition to this, do not use recurring meetings for your online meetings. Even if the Meeting ID is randomly generated and is not your Personal Meeting ID, bad actors will quickly catch on to repeated Meeting IDs and use it to disrupt the meeting. Make sure to create new Meeting IDs for each church meeting.
Finally, make sure your Zoom meetings have a password set. This password is automatically inserted into your invite link so it is still easy for someone to join the meeting through their device, however, it adds another layer of security for you and your attendees.
This is a great video from Zoom on how to schedule a meeting and includes tips on generating random Meeting ID’s and adding meeting passwords: https://support.zoom.us/hc/en-us/articles/201362413-Scheduling-meetings
2. Don’t Share Your Meeting on Social Media
In order to avoid Zoombombing, I would highly recommend that you avoid posting the Zoom meeting link on your social media channels or website. Zoombombers are searching social media and on websites for Meeting IDs. Churches are a prime target because we want all to come and hear the Gospel and be encouraged (this is a good thing!). However, you don’t want someone joining the meeting and disrupting everything which will ultimately distract from the Gospel message.
Instead of posting the actual Zoom link on social media or your website, I would recommend that you simply put contact information of someone at your church who can provide the link when requested. This simple little interaction will likely stop Zoombombers from being able to access your Meeting ID and joining unexpectedly.
3. Enable the Waiting Room Feature
When setting up the meeting, it is important to enable the Waiting Room feature. This feature places attendees into a Waiting Room when they join the meeting. The host then can admit or chat with each attendee. This gives the host to vet the attendees before they enter the meeting or simply look for red flags such as usernames that look like spam or random numbers.
Zoom offers another video and article on how to enable the Waiting Room feature for your account: https://support.zoom.us/hc/en-us/articles/115000332726
4. Modify Attendee Permissions
After you (the host) have started the meeting, and before you have started to allow attendees to join the meeting, I would recommend turning off a number of permissions for the attendees to limit the actions that a Zoombomber could take.
First, make sure to turn off screen sharing for all attendees. You can do this by clicking the arrow beside “Share Screen”. Under “Who can share?”, click “Only Host”. This limits sharing of the screen to hosts only. If someone else wants to share their screen, you can allow them on an individual basis or by making them a co-host. Alternatively, you can do this by clicking “Security” and unchecking “Allow participants to share screen”.
Under Security is also an option to lock the meeting. This might be something you want to do 15 or 20 minutes into the meeting. Users are now not able to join the meeting until it is unlocked again. This is very important to do if you ever experience a Zoombomber to avoid having them join again.
Finally, as a personal preference, I like to click “Mute All” in the Participants window. When you click this, an option will come up to “Allow participants to unmute themselves”. Your meeting format will determine whether or not you check this box. If you have limited voices speaking, you can uncheck this box and manually unmute users when they need to speak. If you are having an open discussion, you can keep this box checked. This means that users will be automatically muted when they join the meeting and can unmute when they are ready to speak. In general, I also turn off video as users join (and set is as a default for the meeting) to avoid any mistakes or issues.
Here is a great article and video showing you all the host and co-host controls available to you in a meeting: https://support.zoom.us/hc/en-us/articles/201362603-Host-and-co-host-controls-in-a-meeting
5. Define a Plan of Action for a Zoombomber
The final tip is to be ready if a Zoombomber happens to join your meeting. The Zoombomber’s aim is to disrupt the meeting and they can do that by trying to share their screen, turning on their video or enabling their microphone.
After setting up your meeting correctly and disabling certain attendee features, make sure you are watching your Waiting Room list and participant list carefully throughout the duration of the meeting. Watch for suspicious behaviour like users unmuting or starting to share their screen. If you spot a Zoombomber, I would suggest you take the following steps:
- Quickly click Mute All or mute the user specifically.
- Send the user to the Waiting Room under the “More” menu shown when you hover over the user.
- From the Waiting Room you can remove the participant under the “More” menu shown when you hover over the user.
- Lock the meeting and make sure that no one else can join.
Zoom can be a great tool to edify and encourage the church and to reach out to the lost, but it can also be used to disrupt or even discourage your meeting attendees. Make sure you are following best practices and implement a few, if not all, of the tips and tricks outlined above.
At this point in time in history, we need to use the technology and tools that we have wisely to further glorify God in our lives and local churches. Let’s not be fearful of the technology but be prepared and ready to use it in a correct and responsible way.