Understanding Zoom privacy and security settings

The following features increase the security of your Zoom sessions and reduce the chance of unwanted attendees. Use as many of these options as possible without impacting your meeting operations. If you are discussing any sensitive or confidential information in your meetings, these measures become that much more important.

Pre-Meeting Settings

Require a Meeting Password
It's highly recommended that you set a strong password for all meetings. When scheduling a meeting, under Meeting Options, select Require meeting password, then specify a strong password (make your password at least eight characters long and use at least three of the following types of characters: lowercase letters, uppercase letters, numbers, symbols). Participants will need this password to join your meeting. Enable Generate and require password for participants joining by phone to extend the meeting security to phone connections as well.

Enable the Waiting Room Feature
The Waiting Room allows you to control when each participant joins the meeting.  Admit attendees one by one, or hold all attendees in the virtual waiting room and admit them en masse. While using this feature this takes more effort, it ensures that only participants can join if you specifically admit them.

Disable Join Before Host
When scheduling a meeting where sensitive information will be discussed, leave Enable join before host (found under Meeting Options when scheduling a meeting) turned off. Visit Zoom's Join Before Host help page for more information.

The Join Before Host option is convenient for allowing others to continue with a meeting if you're not available to start it.

Another option is to assign an Alternative Host.

It's still possible for a meeting to start without you (the host) even if Join Before Host is disabled. If you have given someone Scheduling Privilege, which allows them to schedule meetings on your behalf, then when that person joins a meeting before you, the meeting will begin and they will be made the host. This is typically not a problem, as the recommendation to disable Join Before Host is based on preventing unwanted/uninvited participants from hijacking a meeting. After you join, the role of Host can be reassigned to you.

Only Authenticated Users Can Join
To keep your meeting limited to only those with Northwestern NetIDs, enable this feature to prevent non NU participants. When configuring a meeting, check this box to limit access.

Meeting Security When Scheduling Zoom Meetings Using Your Outlook Calendar
If you add a Zoom meeting to your calendar or create a Zoom meeting in your calendar using the Zoom Outlook Plug-in, note that the calendar entry may include the Zoom meeting password. If you have set up your calendar so that it is open for colleagues to view the details of your meetings, this can expose the password to anyone who views your calendar. Protect the password by making the calendar entry private or editing the entry to remove the Zoom meeting password.

In-Meeting Controls

Limit Recording
By default, only the host or co-host can initiate a recording. If another participant would like to record, the host will need to provide permission to that participant during the meeting.

Limit Sharing to the Host
Follow these steps while in your meeting. This won't be appropriate when multiple participants will need to share and collaborate, but setting this restriction will prevent unwanted guests from interrupting the meeting by initiating intrusive sharing.
  1. Next to Share Screen, click the up-arrow.
  2. Select Advanced Sharing Options.
  3. Under Who can share, click Only Host.
Put a Participant on Hold
In a meeting, place an attendee on hold to remove them temporarily. That participant is essentially in a time-out and cannot see/hear or share anything. Simply remove the hold to return them to the meeting.
  1. In the host controls, click Manage Participants.
  2. Hover over the name of the attendee you want to put on hold, then click More > Put on hold.
  3. To bring them back into the meeting, in the participants' list click Take off hold.
Remove a Participant from a Zoom Meeting
If you have already begun a session and find an unwanted attendee has joined:
  1. If the Participants panel is not visible, at the bottom of the Zoom window click Manage Participants.
  2. Next to the person you want to remove, click More > Remove.
Lock Your Session
The Zoom Host Controls allow the host or co-host to lock the meeting. Once all your attendees have joined,
  1. If the Participants panel is not visible, at the bottom of the Zoom window click Manage Participants.
  2. At the bottom of the Participants panel, click More > Lock Meeting.
Unlock the meeting following these same steps. When a meeting is locked, no one can join, and you (the host or co-host) will not be alerted if anyone tries to join, so don't lock the meeting until everyone has joined.

Post-Meeting Recording Controls

Authenticated Viewer Access to Recordings
Restrict viewing access to authenticated viewers only prevents non-Northwestern viewers from viewing your recorded content.
  1. In your profile in Settings, click the Recording tab, then scroll down and find the setting
  2. Enable the authenticated viewer setting
  3. On the left in your profile, click the Recording tab
  4. Click Share for any recording
  5. Enable only authenticated users can view, then click Save
Require Password for Cloud Recording Access
To secure viewing of your shared recordings, add a password to each individual recording that you manage. The recording access code can be changed at any time.
  1. Log in to Zoom, and on the left in your profile, click the Recording tab
  2. Click Share on any recording
  3. Enable Password protect
  4. Enter a password and click Save
  5. Copy the Recording Link details and share them to those who you want to view the recording along with the password
Recording Download
By default, your recordings are NOT available for download. When sharing the download link, permit access to download the recording by enabling the Viewers can Download setting. Once enabled, copy the link and share it with others as needed.
  1. Log in to Zoom, and on the left in your profile, click the Recording tab
  2. Click Share on any recording
  3. Enable the Viewers can Download setting on the file
  4. Copy the link
  5. Close the window

For additional assistance please contact the IT Support Center at 847-491-4357 (1-HELP) or via email at consultant@northwestern.edu.

Keywords:zoom, meeting, recording, security, protection, controls, "zoom bombing"   Doc ID:99037
Owner:Michael C.Group:Northwestern
Created:2020-03-18 08:36 CDTUpdated:2020-04-03 09:40 CDT
Feedback:  6   0