Zoom: Tips for keeping meetings secure
Intended for:
Zoom meeting hosts.
Scenario/Use case:
This article contains instructions on how to keep Zoom meetings secure.
Instructions:
Posting meeting IDs and passwords on public websites:
You MUST NOT post Zoom meeting IDs, links or passwords on any public website (including in Indico and DocDB).
Preventing participants from screen sharing:
By default for all meetings, only the host, co-host or alternative hosts are allowed to share their screens. Hosts, co-hosts or alternative hosts may override this setting at the start of or during a meeting. You can learn about the differences between roles in this article from Zoom: https://support.zoom.us/hc/en-us/articles/360040324512-Roles-in-a-meeting (Note: Not all features listed in this article are available for Fermilab account holders.)
Setting passwords to prevent unwanted participants from joining:
As of July 18, by default, all meetings require a password to join including meetings where participants dial in by phone.
For those who send email/calendar invitations with the Zoom meeting link, an encrypted password will be embedded in the link, so participants do not need to type the password. (The link with the encrypted password will look something like this: https://fnal.zoom.us/j/95390384798?pwd=RytIMlZCVCtOSGhCTEVHZjAzdTAwUT09)
REMINDER: The embedded link or password MUST NOT be posted on a public webpage.
Per meeting, you can assign a password, up to 10 numerals, letters or a mix of both. Here’s what the password field looks like when scheduling a new meeting from the Zoom client:
For phone participants, the phone number password will be a numeric-only, Zoom-generated password that cannot be changed. The Zoom-generated invite will look something like this. NOTE: If you had scheduled a meeting prior to July 18, 2020, and the meeting will have phone participants, you will have to send out an updated meeting invitation which will include the dial-in password.
In-meeting security controls:
Zoom has recently introduced The Security button, which is viewable by the host while the meeting is occurring an enables the host to secure the meeting as it is taking place. Read more in this Zoom article.
NOTE: To use this feature, you must have the latest version of the Zoom client. Learn more in this article.
Some options for hosts to secure the meeting while it is occurring:
- Mute all participants and do not allow them to unmute themselves
- (This option is available for the host/co-host during a meeting). View this article from Zoom.
- (This option is available for the host/co-host during a meeting). View this article from Zoom.
- Disabling profile pictures during meetings
- View instructions in this article.
- View instructions in this article.
- New on client version 5.4.3 released on 11/16/20: Suspending a participant’s activity
- This option is available when you click the Security button. It immediately suspends all participant activities, which will mute all video and audio, stop screen sharing, end all breakout rooms and pause recording. Read more in this Zoom article:
Other options to help prevent unwanted participants:
- Disable join before host
- View these instructions in this knowledge article.
- View these instructions in this knowledge article.
- Enable waiting room
- This prevents attendees from joining a meeting until a host admits them individually from the waiting room. See instructions in this article.
- Everyone
- Permits all participants joining the meeting to be admitted to the waiting room.
- Users not in your account
- Permits only participants who are not a Fermilab Zoom account holder or are not logged in to be admitted to the waiting room. If not logged in, they will have an option to log in:
See Also:
How to use Zoom web conferencing service
How to keep your Zoom meetings secure: Meeting presentation