Zoom Privacy and Security

1. Securing a Zoom Meeting
2. Top 5 Security Recommendations for Zoom
3. Enabling Security Settings for your Zoom Meeting
4. Reporting a Zoombomber or abusive user
5. Privacy and Security Resources

Securing a Zoom Meeting

We recommend securing your Zoom meetings to prevent incidents of “Zoombombing” or other unwanted interruptions. See the resources below for more information on how to secure a Zoom meeting.

• Zoom Security Overview (PDF)
• Securing a Zoom Meeting in Progress (PDF)
• Best Practices for Securing Zoom Meetings (PDF)
• One-Click Join in Brightspace (PDF)

Top 5 Security Recommendations for Zoom

Keep your Personal Meeting ID (PMI) private. Don’t share your ID for public events Your PMI is essentially one continuous meeting. Once people know the ID number, they can join the meeting at any time. NOTE: If you DO use your Personal Meeting ID, be sure to change your passcode for each session using the instructions on the Zoom help centre.

Never share your Zoom meeting links on publicly accessible forums or syllabi Instead of sharing your Zoom meeting links publicly, share the link details through Brightspace. When you share a link through Brightspace,  only enrolled students can access the virtual classroom. Note: By default, new meetings are assigned a random passcode. To choose your own passcode, follow the steps outlined in Zoom’s help centre.

Use unique passwords for your Zoom meetings. Avoid re-using passwords in Zoom or anywhere. Unique passwords are the best method of keeping your Zoom meeting secure. When you re-use a password, the likelihood that an unwanted guest could join increases. Further protect your Zoom sessions by only sharing the password shortly before the session.

Avoid publicly posting images of private and virtual class meetings. When you share an image of your virtual class meeting and its participants, you may be sharing the full names and images of other individuals without their permission. Do not take images of Zoom meetings without the express, written permission of everyone in the Zoom session. Provincial privacy and confidentiality legislation prohibits the sharing of student’s personal information without their consent.

Keep sensitive or confidential information off of Zoom As a standard practice, Zoom data mines all information provided on their service. There are reports that Zoom is capturing the browser ‘tabs’ that are open at the same time as Zoom. While Zoom calls are encrypted, they are not end-to-end encrypted at Carleton. As such, Zoom meetings and recordings may be intercepted and accessed outside of your intended use. To avoid having Zoom gather this information, open Zoom in a private/incognito browser and avoid opening any additional tabs within that browser

Enabling Security Settings for your Zoom Meeting

As a meeting host, you have the option to enable security settings for your Zoom meeting to ensure that only users who have securely signed in to their Carleton account can join.

When scheduling a meeting, Carleton Zoom users are now able to restrict meeting access to licensed Carleton Zoom users only. This provides an additional layer of security and will allow instructors to better utilize Zoom reporting for their classes and grading. This setting should not be utilized if you are expecting participants from outside of the Carleton community. If you are expecting non-Carleton participants, you can still utilize the “require authentication” security setting to require users to be signed into any Zoom account before joining your meeting. Reports generated from meetings with this setting cannot be used for grading purposes.

To enable security settings for a Zoom meeting:

1. Go to https://carleton-ca.zoom.us/meeting.
2. Sign in with your MyCarletonOne credentials. For instructions, see Carleton’s Enterprise Zoom License and Single Sign On (SSO) support page.
3. Select the name of the meeting and click Edit or click Schedule a Meeting.
4. Under Security, select one or more of the following options:
   • Passcode – Only users who have the passcode can join the meeting.
   • Waiting Room – Only users admitted by the host can join the meeting.
   • Require Authentication to Join: Sign in to Zoom or Carleton University Account. Carleton University Account allows only users who have securely signed into their Carleton account to join. Sign into Zoom allows only users who have signed into any Zoom account to join.
5. Click Save.

For more instructions, see Requiring Authentication to Join a Meeting/Webinar, Zoom Meeting and Webinar Passcodes, Using Waiting Room.

Reporting a Zoombomber or abusive user

For any Zoombombing or concerning behaviour in a Zoom meeting, we encourage you to notify the Carleton Zoom
team at the TLS Support Portal.

Depending on the abusive behaviour encountered, you may also wish to report to the following
groups:

• Equity Services at Carleton University: if you have encountered a disruptive user who has engaged in
  discrimination, harassment, stalking, sexist or racist behaviour, or any other prohibited
  action as outlined in the Human Rights Policy. This service is confidential and does not
  compel the individual to take any further action.
• If warranted, contact the Manager of Student Conduct and Harm Reduction at the Office of Student Affairs at Carleton

Privacy and Security Resources

• Support Students in Distress
• Zoom’s Privacy and Security Webpage

Share: Twitter, Facebook
Short URL: https://carleton.ca/zoom/?p=61