Bookmark Bookmarked To MyMICA
Zoom Security Information

Zoom Security Topics, Resolution, and Actions

There are many ways you can make your Zoom gatherings more secure, here are a few tips we highly suggest to ensure your meetings have the utmost privacy and confidentiality.

Issue: Uninvited participants in a meeting.

Resolution: Uninvited participants (aka internet trolls) are the primary underlying issue in many of the published articles. There are multiple, easy ways to prevent this that are explained in a very straightforward way in this Zoom blog post for securing your virtual classroom. Please read this: https://blog.zoom.us/wordpress/2020/03/27/best-practices-for-securing-your-virtualclassroom/

Our top recommendations are below. Please log into Zoom (zoom.us) in a web browser and click on “My Account” (upper right corner). Then, on the left-hand menu there are options for “Meetings” and “Settings.”

To require a password for all meetings:

Settings > Require a password - confirm that it is ON or slide ON (blue means it is ON)

To require registration so that you can recognize the names of your participants:

Meetings > Require registration by checking the box next to "Required" for "Registration"

To enable the waiting room so you can admit only invited participants into your meeting:

Settings > Waiting Room -- turn on for all participants. You can customize your message.

Meetings > Enable the waiting room by checking the box next to "Enable waiting room"

Issue: Uninvited participants using “Annotation” or “Whiteboard” features inappropriately.

Resolution:  Settings > Hosts can turn on/off “Annotation” or “Whiteboard” 

Issue: Uninvited participants taking over the screen during a meeting.

Resolution: Zoom has set all accounts to “Host Only” for the “Share Screen” feature which means that only the host of the meeting can share their screen. Hosts can change this setting in the meeting under the “Share Screen” control if a participant should have the opportunity to share their screen.

Host recording responsibilities: If you are recording your meeting, please inform participants prior to recording. Participant recording for meetings is not enabled. Cloud storage recording is not being utilized, so local recording is the only option. (Open Studies has an established process for managing cloud recording.) Local recording prevents the issue cited in this Washington Post article about recorded video calls: https://www.washingtonpost.com/technology/2020/04/03/thousandszoom-video-calls-left-exposed-open-web/

Issue: Windows Operating System Vulnerability

Resolution: Unwelcome participants have placed links in the Zoom meeting chat that have the potential to exploit a vulnerability if clicked on by Windows (PC) users. Being aware of and managing chat settings as the host is important. Also, we encourage individual mindfulness regarding what you click on. A more in-depth article about this vulnerability for Windows users is covered in Ars Technica: https://arstechnica.com/information-technology/2020/04/unpatched-zoom-bug-letsattackers-steal-windows-credentials-with-no-warning/