Zoom Security

Zoom-bombing is when an unauthorized/authorized attendee joins a Zoom meeting session in order to cause disorder by saying offensive things and/or sharing unwanted images such as pornographic and hate filled images.

SDSU has published a guidance document detailing tactics that will minimize "Zoom Bombing" attacks.

Best Practices to Prevent Zoom Bombing

Yes. Zoom has become one of the most popular online conferencing and collaboration platforms. Zoom usage jumped from 10 million at the beginning of March to over 200 million now, and it is still growing. With its growth in popularity, a greater number of scrutiny has been introduced. Zoom has, however, worked to quickly respond by fixing several of the reported vulnerabilities.

SDSU has compiled a number of best practices recommendations to protect your Zoom meetings from "Zoom Bombers."

In addition, Zoom offers a number of security options to prevent unwelcome participants from joining your meeting or to limit their ability to share inappropriate content.

To learn more, visit How do I secure my Zoom meeting? If you are using a personal computer you must update the client as the latest clients are available.

To check the version of the Zoom client installed on your computers or mobile device see the “Viewing the Zoom version number” article.

There are additional settings that can be enabled to further secure your Zoom meetings. They are provided here for guidance:

• Create a waiting room

  Another way to avoid Zoom-bombing is by creating a waiting room. Managing meeting participants is key: by enabling the waiting room feature, participants can’t get into the call until you — the host or co-host(s) — lets them in.

• Disable Private Chat

  Zoom has in-meeting chat for everyone or participants can message each other privately. Restrict participants’ ability to chat with each other during your meeting. This prevents anyone from getting messages during the meeting.

• Restrict sceen sharing to host only.

  Ensure that only the meeting host can share their screens. Select "Host Only" by default. If during the meeting screen share is needed, it can be easily enabled.

• Disable removed participants from rejoining

  When you kick someone out of your meeting for any reason, they should not be able to come back in. Turn this setting off.

• Use the Security Toolbar Icon

  Zoom's security features, which had previously been accessed throughout the meeting menus, are now grouped together and found by clicking the Security Toolbar Icon in the meeting menu bar on the host's interface.

• When in doubt, kick them out

  If a disruptive participant manages to get into your meeting, you have the option to kick them out. To do so, click the “Participants” button, then mouse over the participant’s name and select “Remove.” Once removed, they won’t be able to rejoin.

• Prevent participants from renaming themselves

  Upon entering a Zoom meeting, participants are automatically given names based on their Zoom account or their computer’s username. These names are displayed in the participant panel and on the video thumbnails. By default, participants can opt to change their names in the Zoom meeting, and the host can choose to rename participants too. Click the “Security” button on the Zoom control bar. Under the heading “Allow participants to:” click on “Rename Themselves,” and ensure there is no checkmark next to "Rename Themselves."