Is your Zoom Meeting Safe?

With the increased self-quarantines, social distancing, and stay-at-home directives that is necessary during this time, UF, like most of the world, has moved online to get work done. The tool of choice at UF, and for many other places, for most online meetings has become Zoom. The utilization of Zoom.us has exploded due to the COVID-19 pandemic. As with any platform that sees such rapid expansion, the hackers and social misfits have found ways to make Zoom uncomfortable, to downright unusable, if the host hasn’t taken proper precautions to start a safe meeting.

A new term, zoombombing, has been coined to define the unwanted intrusion of an individual in a video conference call. Many times, especially if screen sharing is enabled for all participants, the intruder shows pornography or other disturbing images to all participants. Articles about this are popping up everywhere. The FBI has even placed warnings that hijackers are taking over school and business video conferences.

UFIT has created a Keep Zoom Secure website to provide best practices and setup guides for faculty, staff, and students using Zoom.us. The announcement of this new page has been included on the Keep Teaching page, https://ufl.zoom.us/, eLearning homepage and many other UF webpages… including a banner on Canvas itself:

"Security and best practices for Zoom" banner that shows on the Canvas website.
Banner from UF Canvas website.

The basic tips the Keep Zoom Secure page discusses include:

  • Generate a new meeting ID for each meeting (do not use personal rooms)
  • Set a password for the meeting
  • Disable join before host
  • Enable Waiting Rooms to monitor entrants
  • Prevent attendees from obscuring their identity (do not allow renaming)
  • Turn off file transfer options
  • Disable the virtual background
  • Disable private chat
  • Begin your sessions by limiting screen sharing to the host only
  • Lock your session after it has started to prevent new users from joining
  • Mute participants upon entry
  • Disable annotations
  • Don’t post your personal meeting ID on any public forums

The following information in our knowledgebase may also be helpful: