Keep up to date
Like any user-facing service, Zoom suffers from security vulnerabilities, but it’s so far proven that it can fix them quickly. Take for example, the issues that could allow an attacker to take over an Apple Mac’s microphone or camera, and a Windows problem that could let a hacker steal logins. Zoom fixed these problems on April 1.
Therefore, one of the important steps you can take is to make sure you keep any installed version of the Zoom mobile or desktop app up to date.
This ensures those issues are fixed, and your risk of compromise is lower.
Use passwords to protect your meeting–and never share your meeting ID
Zoom bombing, which sees uninvited guests crashing your meeting or chat, relies on meetings not being password protected. People often post the Zoom meeting number online, and without any protection, bombers can simply enter and do their worst.
Never share the link or meeting ID on public platforms and try not to use the personal meeting ID–instead allow Zoom to generate a random ID for each meeting.
There is the option to require a password when scheduling new meetings and require a password for instant meetings.
At the same time, disable the option “Embed password in meeting link for one-click join” and enable “Require password for participants joining by phone.”
Another way to protect: Admin > Advanced section: Enable “Hide billing information from administrators; and consider changing the length of the Host Key to 10 numbers to make it harder to guess.
Share the password securely
When using Zoom, securely sharing the password can be a challenge. In any case don't put the password on the public internet, a cybersecurity industry professional advises–this renders the whole idea of having a password useless.
Keep using basic security best practices including not sharing data such as ID or passwords, or pictures of your Zoom meetings publicly.
Use waiting rooms
Another way to stop Zoom bombers from entering your chat or meeting is the use of waiting rooms. This allows the host to screen everyone entering the meeting to ensure no one uninvited can get in.
Use the waiting room functionality as a host and double up with a meeting password for designated guests. In addition, to avoid an even more embarrassing Zoom bombing experience, set the screen sharing to ‘host only’ and disable file transfer.
It’s also a good idea for hosts to manage the meeting participants. In order to do that, you should ensure you are the only host. You can also control the camera and mute options.
Hosts can ensure participants can't share their screen without approval.
In addition, if anyone invited has been troubling you, make sure you have set it up to disable ‘allow removed participants to rejoin’ the meeting.
Take control of your privacy
As I have said before, services are free for a reason. If you are using the free version, there is certain data you might have to give up.
Assume what happens in Zoom does not stay in Zoom. Control your own privacy as you do with all online tools.
Beware of phishing
Another security risk for Zoom users is phishing, seeing attackers lead people to a malicious site to download malware or enter details.
You should always be careful when clicking on any meeting invite links. “In a hurry it may be tempting to just click on a link in the latest email, but it is always worth the wait to check.
If users are ever suspicious, they should just copy the ID from the link provided and enter it in the official application to join.
As the COVID-19 situation continues to affect our current way of life, many services and organizations are beginning to look towards the future to see what technologies will aid in the prevention efforts to come. Looking at the potentially effects UAS could play, JMA iLAB published an article in a leading fire service publication, Fire Rescue 1 magazine, called "How drones could be used during the COVID-19 response."
To honor Women's History Month, WPGC 95.5 spotlights JMA Solutions' President and CEO Jan Adams, for her contributions to the Washington, DC business community.
JMA is committed to the health of our employees and guests and the JMA Leadership and Human Resource Teams are continuing to monitor the situation.
If you are in the office reminder notices on how best to protect yourself have been placed in high visibility locations throughout the JMA office suites.
In support of this, hand sanitizers have been provided at the front desk and in our conference rooms. Hand soap is available in the break rooms and restrooms and there are disinfectant wipes in each of the break rooms. Please use them freely. For those located outside of the JMA headquarters area, we will coordinate with your program managers to see what your needs are. In our headquarters space, Boston Properties, our landlord, has provided information on what they are doing to clean and disinfect the common areas.
Please remember that this is flu season and the same measures we as individuals should take to minimize our risk for flu, apply to the Coronavirus. They are;
Organization and state websites such as those listed below have continuously updated information. Please visit for the most recent news and updates.
Washington D.C., Maryland and Virginia and Oklahoma each have a formal hub. These include the latest updates and released state information. We understand that a number of employees will be affected by at least two states depending on where they reside. We ask that you follow your states orders.
Public Transport Information has been updated for employees who reside throughout the D.C./Maryland/Virginia area.
PLEASE NOTE: Due to restrictions put in place in the interest of public safety, the DC Metro (Bus and Rail) have updated schedules that adhere to the curfew. Please see below.
PLEASE NOTE: DC Metro is requesting that all customers follow recently updated CDC guidance by wearing a cloth face covering while traveling on Metro. Specifically, the use of cloth face coverings is strongly encouraged aboard all buses, trains, and MetroAccess vehicles, as well as in rail stations, bus terminals and other transit facilities.
Each of these websites and national news agencies are providing information on the virus, hot spots, risk level and most importantly, prevention methods. At this point, with very few exceptions, every country has reported an infection of varying magnitude. If you are traveling, be it local or across state lines, please exercise the same caution you exhibit here at home.
We will provide you with updates that relate to our work environment or situation as soon as we receive them.
**Beware of criminals pretending to be WHO, or US Government officials. If you are contacted by anyone, be sure to verify their authenticity before responding or sharing any personal information. You can verify if communication is legitimate by contacting the government agency or multilateral organization directly.
Product of the JMA iLAB small-Unmanned Aircraft System (sUAS) & UAS Traffic Management (UTM) Working Group
JMA Solutions, LLC (JMA) through its research and development enterprise, JMA Innovation Lab (iLAB), submits these comments in response to the request for public comment for the Federal Aviation Administration’s (FAA) notice of proposed rule making action in regards to requiring remote identification of UAS.
The accelerated growth of sUAS technology, its wider availability and growing use case portfolio has led to the adoption of sUAS by many entities, including public safety agencies, state and local governments, commercial entities and recreational flyers. Given the accelerated quantity of UAS available and flying, and questions surrounding how they can be safely integrated into the national airspace system (NAS), FAA’s efforts to propose rules on the development, deployment and regulation of remote identification in UAS is necessary.
JMA has been a leading contributor to the Federal Aviation Administration’s (FAA) efforts to integrate UAS into the National Airspace System. JMA’s work has involved leading practices in air traffic management, UAS Traffic Management (UTM) policy, Beyond Visual Line of Sight (BVLOS) guidance, Safety Management System (SMS) development, and both internal/external communication strategies to safely and efficiently integrate UAS into the NAS.
JMA iLAB’s public comment for the FAA’s Remote ID notice of proposed rule making is based on the aforementioned FAA air traffic management and UAS experience. In addition, JMA iLAB members have collaborated with a broad spectrum of UAS stakeholders through participation in several standard setting bodies, including CANSO, Drone Responders Public Safety Alliance, the ANSI UAS Standardization Collaborative, the National Public Safety Telecom Council, InfraGard and International Emergency Drone Organization.
Drone Responders Public Safety Alliance
ANSI UAS Standardization Collaborative (UASSC)
National Public Safety Telecom Council UAS & Robotics WG
InfraGard UAS Integration into Critical Infrastructure WG
International Emergency Drone Organization
In 2019, JMA iLAB published a white paper for the public safety community titled “Application, Implementation and Management of sUAS by Fire Rescue.” Subsequently, JMA iLAB published an article in a leading fire service publication, Fire Rescue 1 magazine, called “Eyes in the sky: How firefighters can use drones during all-hazards incidents.”
The implementation and justification of remote ID for UAS is very often, and accurately, compared to that of license plates on automobiles. In this case all vehicles must be identifiable by entities including, but not limited to, law enforcement and regulatory agencies. Owners must register vehicles with a motor vehicle authority in their state of residence in order to receive a license plate, which then connect vehicle owner information to that identifier (license plate). This information is relatively well kept private and normally only accessible to law enforcement.
Unmanned vehicles should also have an identifier announcing their presence to law enforcement, regulatory authorizes such as the FAA and other participating sUAS. Therefore, owners of specific drones should register each aircraft and have a unique identification attached to them. This is the basis for development of a UAS Traffic Management System.
Problems and Challenges Addressed by Remote ID
Public safety, national security and law enforcement concerns involved both the existence of two groups of aircraft operators, bad actors and unknowing actors. Bad actors wish to intentionally and negatively impact the safety and security of the homeland. In contrast unknowing actors unintentionally, through lack of technical skills or regulatory knowledge, negatively impact the safety and security of the homeland. Both require immediate attention and an appropriate official response.
For example, during the course of several emergency responses to structural fires and natural disasters requiring the deployment of traditional aircraft, the presence of unidentified UAS have led to grounding of such air assets. This has negatively impacted rescue or suppression operations. The operators of those drones were likely unknowing actors, not realizing the significant consequences of their actions. In other examples, mysterious drone sightings have been reported over cities, with calls to law enforcement. Not having the ability to identify the purpose of these flights creates a general feeling of insecurity in communities. Remote ID adoption would allow authorities the ability to identify operators and when appropriate inform or deliver consequences.
Bad actors may intentionally weaponize drones or simply use dangerously close flying to cause severe interruptions. There are arguments to be made that the history of drones in the United States does not point to any major breaches to national security or safety. While this is true, it does not mean that the potential does not exist. A failure of imagination was cited by the 9/11 Commission as one of the failures in preventing that attack, where no one had imagined airplanes would be hijacked and used as missiles flown into important sites. The intentions of bad actors cannot be mitigated with remote ID. However, the ability to identify assets in increasing complicated airspace through broadcast with the added possibility to connect a drone with a bad actor operator is a valuable tool for law enforcement.
Questions to consider for improvement of the remote ID notice of proposed rule making: How will law enforcement be able to access remote ID data in order to identify drones? How quickly will the data be available? Who will be the ultimate responsibility of remote ID information (which is also shared with third parties)?
While there are many questions on privacy and the use of drones, remote ID and the proposed rule making does present some new aspects of privacy protection. Remote Identification UAS Service Suppliers (Remote ID USS) will be tasked with providing the services to maintain registrations and tracking of broadcast or network signals.
Questions around privacy to consider: What information will be made available to the general public by the Remote ID USS? Will the Remote ID USS host personal and private information on aircraft owners, or will the FAA be responsible?
Following the comparison to cars and license plates, motor vehicle authorities keep owner information and only make it available to law enforcement and other regulatory bodies with proper cause. Fellow drivers cannot identify the registration information of a vehicle, but simply reading a license plate. In aviation, there is an additional use case that flying objects should be identifiable through use of a transponder or other broadcast signal. This should be the case for other UAS operators looking at a map of active UAS.
Remote ID as a Next Step
Remote ID is the necessary next step in the safe integration of UAS into the NAS. It is also the next step required to enable the development, regulation and implementation of other technologies and procedures to further assist safe integration. These include detect-and-avoid technologies, beyond visual line of sight (BVLOS) operations and UAS Traffic Management.
Washington, DC, February 11, 2019: JMA Solutions, LLC, donates $3,000 to the Strategy for Mentoring Initiative and Leadership Empowering (S.M.I.L.E) Organization to support their Youth Mentoring Program and other philanthropic efforts. S.M.I.L.E’s unique program model is crafted strategically by leaders within the community to ensure youth are provided with proper learning tools and resources to ultimately transfer knowledge back into the community.
“JMA Solutions is proud to support and further our commitment to S.M.I.L.E in ensuring young leaders around the world are supported, uplifted and empowered to achieve their dreams and become agents of change.” said Jan Adams, President and CEO.
In addition to the Youth Mentoring Program, S.M.I.L.E hosts numerous programs and volunteer efforts to ensure no youth is left behind. In 2019 alone, S.M.I.L.E trained 391 young leaders across 14 secondary schools, awarded 13 college scholarships, equipped 68 youth with lucrative skills through their summer skill acquisition and digital literacy program, donated 10 desks and chairs to a school and hosted 82 organizations and 200 attendees at the International Youth Day.
Strategy for Mentoring Initiative and Leadership Empowerment (S.M.I.L.E) is a youth leadership development and mentoring non-profit organization established in Lagos, Nigeria in 2011 (S.M.I.L.E) and in Maryland, United States of America in 2017 (S.M.I.L.E Initiative).
S.M.I.L.E is an Associate of the United Nations Department of Public Information/NGO, New York and in Special Consultative Status with the Economic and Social Council since 2017.
About JMA Solutions
Headquartered in Washington, DC, JMA Solutions is an award-winning government consulting firm with over fifteen (15) years of experience delivering outstanding customer support. Since 2005, we have provided customer support for Air Traffic Management, Program Management, Safety Management Systems for UAS, Commercial Unmanned Aircraft Systems, Radar and Communications Support and much more!