Working and teaching from home: Zoom security
Apr. 2, 2020
This message was sent to University of Nevada, Reno faculty and staff.
Several members of the campus community have expressed concerns with possible security issues with Zoom. There have been two reported instances of disruption in the University’s Zoom meetings. If you have problems with a Zoom class or meeting, please immediately contact the University’s help desk at (775) 682-5000.
f you have questions or would like assistance, please contact Teaching and Learning Technologies (TLT) at firstname.lastname@example.org. We have been closely monitoring the reports and would like to share the following information with you about several of those concerns:
Zoombombing is a very recent phenomenon, where internet trolls, usually with no relation to the class or the University, gain access to an unsecured Zoom meeting. These trolls engage in disruptive and offensive behavior while in the class using whatever means available to them to offend – meaning screen shares, offensive comments over the audio and/or chat.
We have taken the following actions to improve the security of all future meetings. (Already scheduled meetings may need to be manually adjusted.)
- The waiting room function is now required. Authenticated users can bypass this feature. This setting is now locked and cannot be turned off. Instructors will need to allow any unauthenticated user into their meeting.
- The “Only authenticated users can join” option has been enabled as a default meeting setting. This option requires meeting attendees to have a University Zoom account. This will require many students who have not already done so to create a Zoom account.
Additional steps you can take to prevent disruption:
- Use a meeting password
- Mute all participants on entry
- Turn off participant video
- Disable participant screen sharing and annotation
- Remove participant
More information and resources:
- TLT Zoom page, "How to prevent Zoombombing"
- Zoom’s “How to Keep Uninvited Guests Out of Your Zoom Event.
Facebook data sharing
This has been reported recently. This should not affect any of our users, as this is only an issue for those using the Facebook login feature. Zoom has also taken measures in recent days to remove the code that was sharing the information from their applications. Regardless, all users who are logging into Zoom should do so through their University Zoom account and use the SSO login option with their NetID.
Privacy Concerns with Attention Tracking
The University Zoom account has this feature turned off at the administrator level so users cannot enable this feature.
If you have questions or concerns on any aspect of using the University’s technologies available for teaching and working remotely, contact the University’s help desk at (775) 682-5000. Faculty with instructional questions related to Zoom can also contact the Instructional Design Team (IDT) email@example.com.
Steve Smith, Vice Provost for Information Technology & Chief Information Officer firstname.lastname@example.org
Ed Huffman, Director, Teaching & Learning Technologies