While the Zoom video conferencing service enables students, faculty and staff to connect during this time of social distancing, it can also allow unwanted participants to crash meetings and classes if the online sessions aren’t properly secured.
To prevent these intrusions, also known as “Zoombombings,” WSU experts have put together a guide for securing virtual meetings. Each security method has its advantages and disadvantages for hosts to consider. Fortunately, any settings can be easily enabled and disabled by signing into your Zoom profile.
Any of the methods listed below can be applied to scheduled meetings by editing the meeting settings or by changing the user settings before the meeting starts.
Require passwords
The simplest and most effective way to secure a meeting is to enforce a password. Anyone with the meeting details – students joining from Blackboard or staff using an emailed invitation – won’t have to enter the designated password in order to join. Participants who join by simply entering the meeting ID, however, would be unable to access the session unless they entered the password, adding an extra step to the process.
Embedded password protection is now the default for new Zoom meetings following an update by WSU Information Technology Services. In order for the newly implemented password protection to take effect, existing links to Zoom meetings in Blackboard or via Outlook will need to be updated. Instructions on how to do so can be found here. Faculty with questions can also contact online.registrar@wsu.edu.
Zoom-generated URLs will included an embedded password, meaning attendees can simply click the link as usual. Users can opt out of this new default setting, though doing so comes with reduced security protections for any future scheduled Zoom meetings.
Authenticated users
Hosts can also enforce authentication, requiring participants to be authenticated by Zoom prior to joining a meeting. This setting – found under the meeting options – doesn’t restrict participation to only WSU accounts, which means malicious individuals can still join meetings so long as they make a free Zoom account.
Authentication is now required for all Zoom users to access WSU Zoom resources following an update by ITS. User access via web browsers has also been removed by ITS, requiring access via Zoom’s desktop or mobile applications only.
Restrict screen sharing
Hosts can also restrict screen sharing. This setting allows only themselves and any designated co-hosts to show their screens. Without host approval, participants won’t be able to share imagery or other content on their screens, meaning hosts and co-hosts will need to be on their toes.
Disable chat function
Zoom also allows hosts to shut down the in-session chat function during Zoom meetings. This method also prevents private one-on-one chats during the meeting. While it can prevent sharing of information during quizzes, tests and similar events, hosts will need to ensure chatting is re-enabled in the event they do require participants to collaborate over in-meeting text.
Don’t share meeting ID
Hosts are also encouraged to blur out or remove Zoom meeting IDs from images they share on social media to reduce the chance of malicious actors causing mischief.
Zoom announced April 1 that it is shifting all of its engineering resources to focus on safety and privacy issues. Its latest update resolved an issue where users were able to access chat functions despite it being disabled.
Anyone experiencing disruptions or service impacting issues is asked to email zoom.support@wsu.edu.
