Wednesday, 28 October 2020

Moving Beyond ‘Zoom Bombing’: How We are Working to Make Zoom Groups Safer

zoom bombingRecently, there have been a flood of articles warning people about security risks on Zoom, a platform many are using for on-line meetings and support groups. Those articles have warned of ‘Zoom bombing’ which basically translates to disruptors dropping into meetings to harass people attending Zoom gatherings in a variety of ways including making disturbing comments, using private messaging features to harass other attendees, and even screen sharing pornography.

These articles have also given birth to a number of rumors, including that Zoom staff are able to spy on or record meetings at their own whim. While there is certainly some truth in some (but not quite all) of these assertions, it’s equally as true that Zoom has become an essential on-line meeting spot for many who are trying to increase access to their groups, particularly during these pandemic times.

Emotions are running extra high right now, and people are understandably worried, but here’s the good news: We do not need to ditch Zoom. There are several measures Zoom group facilitators can take to make their groups safer. Zoom itself has responded by requiring all free and lower tier Zoom accounts to have passwords for every meeting. (See more on their response HERE.) However, for many organizations and communities where the desire is to make groups as widely available and easy to access as possible, this is a solution that causes more problems than it solves. After all, our in person groups are open to anyone without any red tape, and we want our on-line groups to be the same. (Click HERE for details on how to bypass the password requirement!) Here is some of what we are doing instead:

  • Mute Participants on Entry: Zoom account owners can go into account settings and turn on ‘Mute participants upon entry.’ This is also a setting that can be managed separately for each meeting, but we have it turned on as the default for all gatherings. This won’t stop the more determined disruptors, but it will at least slow them down, and make our meetings less appealing to interrupt.
  • Start Participants in a Waiting Room: We have turned on the ‘Waiting Room’ in our account settings. That means that each person who logs in will start in a room that is separate from the group meeting space, even if the group is already in progress. While this requires facilitators to keep an eye out for someone who has popped on a bit late, it again slows down potential disruptors who are just looking for easy access to cause problems.
  • Turn Off Private Chat: At least for now, we are turning off the ability to have private chats between group members (a setting that is also available in the account ‘settings’ menu). It can be useful to allow participants to type messages, but keeping them public for all group participants to see prevents someone from harassing individuals without facilitators knowing it.
  • Prevent Participants Who’ve Been Removed from Re-Entering the Group: We have made sure that the ‘Allow removed participants to rejoin’ feature is turned off in our account settings. Although this is a newer option that is still in testing with Zoom, it should help prevent people who’ve been removed from repeatedly coming back into the meeting.
  • Prevent Screen Sharing: We have also set screen sharing to ‘host only’ in our account settings, and similarly turned off anyone but the group facilitators’ abilities to alter or add to anything that the facilitators themselves may share.
  • Prevent Custom Backgrounds: Under Zoom’s advanced account settings, we have also turned off the ‘Virtual Background’ feature that allows meeting attendees to substitute their actual background with an image of their choosing.
  • Turn Off Ability to Record Meetings: While recording features are useful when doing webinars, they aren’t necessary or advisable during group meetings. We have made sure that the ability to record meetings is set to ‘off’ under the account settings ‘Recording’ tab. (And no, Zoom does not reserve the right to spy on or record any meetings themselves. Their privacy policy is available HERE.)
  • Mask People’s Phone Numbers: Additionally, we have turned on the ‘Mask Phone Number in the Participant List’ feature so that people who call into the meeting won’t have their phone numbers broadcast to the rest of the meeting attendees. This means that someone calling in with the number 413.555.6666 should instead show up as 413****666 or similar.

Perhaps most importantly, we have asked all group facilitators to let people know in advance that it’s possible there might be disruptions. While we don’t anticipate problems based on the precautions taken, in the event that they happen, we are well prepared to deal with them. Each facilitator is aware of how to remove a meeting attendee, and they are ready to do so without delay if the need arises.

These are difficult times, but we have all survived many challenges before now. We are strong. We are survivors. We value the opportunities and connections the groups help create. And, neither pandemic nor Zoom disruptors will stop us from moving forward together.



Bypassing the Zoom Password Requirement:

Zoom is now mandating passwords for all meetings on its free or lowest tier paid accounts. This is an effort to deter 'Zoom bombers' who are logging in only to disrupt meetings, and may work fine for groups and organizations that are hosting meetings for a set group of people. However, the password itself is a major disruption for those using Zoom as a platform for open support groups.

On the surface, it seems there's no way around this new mandate. When holders of these types of accounts go into their settings, they'll find the 'password' feature locked in the on position. Furthermore, the Zoom account type pages makes it appear that the next step after a one-lincense Pro accont for $14.99 is to jump to a Business account starting at $199 per month. That's quite a leap, and one most can't afford. However, there are other options for those who hold a basic paid account that are just a bit more difficult to find. (Unfortunately, we aren't aware of workarounds for people using free acounts right now.)

First, know that your invitation link for meetings should now have a password embedded automatically in it in most instances. This means that - if the way that people are joining your meeting happens primarily or strictly by someone clicking a link you've sent out - the password should be getting entered automatically. This means people attending your meetings will experiences little to no interruption or change. However, if someone simply goes to Zoom.us and enteres the Meeting ID, they will then be asked to manually enter a password. The same is true of people who join your meeting by phone.

If you're wishing to get rid of the password altogether, and your Zoom account is paid for by an organization that has a bit of a budget, you can simply go to the USER MANAGEMENT section of your account, and add a second license. That moves the $14.99 per month charge to $29.98 per month (or slightly cheaper if paid annually). Meanwhile, not only does adding a second license mean you're no longer mandated to use a password for your Zoom meetings, it also means you can schedule two meetings and groups that happen at the same or overlapping times. However, if you don't have the budget to pay around $30 per month, you can also partner with other people, groups, or organizations and merge your accounts. What does this mean/look like? Basically:

  • Make an agreement to share a Zoom account, and identify and make a clear agreement about who will be Group A (the group responsible for paying Zoom directly) and who will be Group B (the group responsible for reimbursing Group A for their portion of the costs)
  • Group A will then need to go to the same USER MANAGEMENT section as mentioned above, and add a user using the e-mail attached to Group B's pre-existing account
  • Once added, make sure that account is listed as 'licensed' and not 'basic'
  • A refund for any unused portion of time will then be provided to Group B, and Group A will begin to be charged for both licenses (with Group B responsible for paying Group A instead of Zoom directly)

All existing logins and scheduled meetings will remain unchanged, and - aside from the shift in how the account is paid for - everything else will function as everyone is used to it functioning. At this time, it appears that up to six accounts can be linked in this manner. We may not have all the Zoom answers, but we're happy to share any lessons learned with others, especially given the limitations and long waits to reach Zoom Customer Service directly. We hope this is of some help to you, but feel free to This email address is being protected from spambots. You need JavaScript enabled to view it. if you have more questions, too!






Registration & Login for Website Users