How to mitigate Zoombombing

Summary

This article is intended to demonstrate various optional ways of mitigating or preventing instances of "Zoombombing".

Body

What is Zoombombing?

Zoombombing is when a malicious actor joins an unrestricted Zoom meeting and interrupts the proceedings, often by screen sharing offensive content.

Most course and campus business uses of Zoom are by meeting invitation or are joined by participants by accessing a shared link (e.g.: in Canvas or in a meeting invite.) Because these are not readily discoverable, the risk is very low.

What should I do if I'm getting Zoombombed or if I want to make sure I won’t get Zoombombed?
If you are concerned and want to minimize your risk even further, there are a handful of settings you can change to your personal Zoom account as well as other ways to mitigate or prevent interruptions due to Zoombombing which will be discussed below.

Why was I targeted for Zoombombing?

The most likely reason for being targeted for Zoombombing is if the meeting ID number for your class, event, or virtual “office hours” were shared very broadly via social media. Thus, it is very important NOT to broadly share meeting ID numbers via social media or in some other public way. Also, make sure that your meeting attendees, guest lecturers, and students don’t share it either. Keep the invite in Canvas or in direct meeting invites while stressing that it should not be made available for public consumption.

Steps that you can take:

  • Require Zoom authentication for participation - meeting participants will all need to be registered Zoom users (includes Zoom users within or outside of Dartmouth.)
  • Sign in via the Dartmouth Zoom Web Portal - dartmouth.zoom.us
  • Go to the Meetings tab on the left-hand side and Schedule a new meeting
  • Under the Meeting Options section, select Only authenticated users can join

    Authenticate

 

 

 

 

 

 

 

 

 

 

 


 

 

 

 


 

OR if you would like to add this to an already existing meeting. Select that meeting and click the "Edit this meeting" button in the lower right-hand corner.

 

 

 

 

 

 

 

 

 

 


 

 

 

 

  • Require a password to join
    • Follow the same steps as above to either Schedule a new meeting OR to Edit an already existing meeting.
  • Under the Meeting Options section, select Require meeting password a text box will appear with a randomly generated numerical password in it.
    You may use this or select the box and type your own.

    Password

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  • Disable Screen Sharing - you can enable, as needed, during the meeting
  • Disable Annotation - you can enable, as needed, during the meeting.
  • Lock your meeting - After your meeting begins this bars entry to the meeting to anyone after it is implemented. (you can toggle this feature during the meeting should a legitimate user need to enter or re-enter should they lose connection.)
    • While in a Zoom meeting from the Zoom Control Bar, select Manage Participants
    • When the "Participants" window opens, in the bottom right-hand corner, select More
  • In the drop down menu, select Lock Meeting

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Additional information can be found at Zoom Blog:

Best Practices for Securing Your Virtual Classroom

Zoom 101: Securing your Meetings & Virtual Classrooms video on YouTube

Details

Details

Article ID: 103299
Created
Fri 3/27/20 5:36 AM
Modified
Wed 4/1/20 1:03 AM