We recommend exercising due diligence and caution in cybersecurity efforts, and taking the following steps to mitigate teleconference hijacking threats:
- Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
- Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
- Manage screen-sharing options. In Zoom, change screen-sharing to “Host Only.”
- Ensure users are using the updated version of remote access/meeting applications. In January, Zoom updated its software. In the security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.
- Ensure your organization’s telework policy addresses requirements for physical and information security.
- Keep your Zoom up to date. If Zoom notifies you of a newer version, make sure you install the update.
.png)
