Zoom Privacy, Security, and Zoombombing
“In recent days, there has been a surge in news regarding Zoom privacy and security. The university’s service contract with Zoom, coupled with their encryption architecture, provides the privacy protections we need, and Zoom has been rapidly fixing reported vulnerabilities. This is precisely what we like to see in a vendor, and I fully endorse our continued use of this critical collaboration tool,” said Michael Tran Duff, the university’s chief information security officer and chief privacy officer. “Our current focus is to help our community configure their meetings to prevent ‘zoombombing’ incidents.”
The recently published “How to Protect Your Zoom Meetings” guide explains the settings you can apply to prevent zoombombing. The three most effective settings are:
- Requiring authentication for meeting attendees
- Disabling “Join before host” on your Personal Meeting Room and all other meetings
- Password-protecting your meetings
If your meeting is disrupted by an uninvited participant, below are the steps for regaining control and reporting the incident:
- Remove the disruptive participant from the meeting
- If unable to remove the participant:
- Take control of content sharing
- Mute all participants
- Restrict chat and annotation
- After the meeting ends, report the incident via this ServiceNow form
See details in the “How to Protect Your Zoom Meetings” guide, as well as the "Managing a Disruptive or Unwelcome Zoom Participant" quick guide.
Software security updates
The key to security is updating software as vulnerability fixes are released. If not already, you will soon be prompted to update the Zoom application on your laptop or desktop computer. You can always upgrade manually by clicking on your profile picture in the top-right hand corner of your Zoom desktop client and selecting “Check for Updates” from the menu. For more information, visit Stanford Zoom Updates.