Basic Zoom guidance

The most likely issue you will encouter when using Zoom is the so-called case of “Zoom bombing”. This happens when somebody gains access to your meeting without your permission and procede to disrupt it. Zoom-bombing can come about in a number of ways.

There are a number of features built in to Zoom to prevent Zoom-bombing, such as password-protection and “waiting rooms”. Previously, these were switched off by default, but as of the weekend of 4th/5th April these have been enabled by default. Of course, these defaults can be over-ridden, and you should not do this if you want your meetings to be properly protected. And it should go without saying that you shouldn’t publish meeting passwords in the same place that you publish the meeting location.

To ensure that your meeting is well-protected, ensure that you are doing the following (some of which is now enabled by default):-

  • Password protecting all meetings
  • do not share the link or the meeting ID on public platforms (and if you share photos of the meeting make sure the ID is not visible)
  • never use the personal meeting ID, instead allow Zoom to create a random number for each meeting
  • set screen sharing to “host only”
  • disable “join before host”
  • disable “allow removed participants to rejoin”
  • disable file transfer

Information Security Group.