Your Role in Ensuring Zoom Security and Privacy

Posted on April 30, 2020

Greetings Colleagues,

Fresno State has experienced several incidents in the past week of “Zoom-bombing” that have opened our eyes to the reality of these unwelcome intrusions. Zoom-bombing is the term for when unwanted strangers join a Zoom meeting or chat to wreak havoc. These uninvited intruders may share their screens to bombard attendees with inappropriate audio and video, or they may cause disruptions by speaking out loud, playing loud music, displaying unwanted and potentially illegal content with the webcam, or adding unhelpful content to the chat session. Most of these instances are perpetrated via publicly available Zoom links or when settings aren’t managed effectively.

With this in mind, I would like to reiterate the importance of following best-practice recommendations (below) aimed at reducing risks, while facilitating virtual instruction and remote work.

Please take a moment to familiarize yourself with the following recommendations to avoid uninvited guests. (Detailed instructions for these recommendations may be found here.)

You may contact our Service Desk at 559.278.5000 for additional information on managing Zoom settings.

Zoom: Best Practices for Faculty and Staff

• Send meeting invitations directly to participants via email or posted in Canvas, not on website postings or in social media promotions.

• Turn ON the “waiting room” feature; for virtual classrooms, display a FERPA disclaimer five (5) minutes prior to the start of class.

• Turn ON “set a password” for all meetings/sessions/classes/recordings.

• Turn ON the ability to keep removed participants from rejoining a meeting.

• Turn ON the ability to “mute individual participants” and “mute all.”

• Turn ON the Authentication Option for meetings/sessions/classes, when appropriate. With authentication, your attendees also need to sign in to Zoom and be verified as a valid Zoom user, and in some cases, a host can require that an attendee sign in as a validated Fresno State Zoom user.

• Turn OFF the ability for participants to record sessions for virtual classrooms.

• Turn OFF “private chat” for virtual classrooms.

• Turn OFF the ability for participants to “save chat” for virtual classrooms.

• Add a recording disclaimer to every recorded meeting. In addition, please announce your intentions to record a session to all attendees at the start of the meeting.

QUICK TIP: How to Remove a Participant from a Zoom Meeting or Webinar - If you have already begun a session and find an unwanted attendee has joined, please follow these steps:

If the Participants panel is not visible, click Manage Participants at the bottom.

Next to the person you want to remove, click More.

From the list that appears, click Remove.

Zoom has also recently added a new Security Icon Option to assist hosts in managing their meetings.

How Can I Report a Zoom-bombing Incident?

Illegal activity should be reported to the Fresno State Police Department immediately by calling 559.278.8400

Disruptions or uninvited guests should be reported to Technology Services by calling the Service Desk at 559.278.5000

Want More Information?

• Zoom Best Practices
• Zoom Help Center
• Getting Started with a Webinar
• How to Keep Uninvited Guests Out of Your Zoom Event
• Center for Faculty Excellence - Zoom Help

I will continue to work closely with the CSU Chancellor’s Office and Zoom to address security concerns as they arise. Stay tuned to your email on a regular basis for updates.

Thank you for partnering with me to ensure the safety and privacy of our faculty, staff and students.

Sincerely,

Orlando Leon, Vice President for Information Technology and Chief Information Officer