There are many features within Zoom that can increase the security of your Zoom sessions and reduce the chance of unwanted attendees from disrupting your event and causing problems. Use as many of these options as possible without impacting your meeting operations. If you are discussing any sensitive or confidential information in your meetings, these measures become that much more important. Public meetings are more exposed than NU-only meetings (using Authenticated Users only), but you can prevent someone from gaining access to your meeting or sharing inappropriate content by applying most of these recommendations.
Zoom Meeting - Privacy and Security Settings - ZoomBombing Prevention Tips
There are many features within Zoom that can increase the security of your Zoom sessions and reduce the chance of unwanted attendees from disrupting your meeting or event and causing problems or confidentiality concerns. The following are quick and easy tips and features that will add layers of security to keep unwanted guests out.
1. Don’t Publicize Your Meeting
Only invite participants and guests directly to your meeting or event. If possible, avoid publicizing meeting links on social media or publicly available channels.
2. Only Authenticated Users Can Join
To keep your meeting limited to only those with Northwestern NetIDs, enable this feature to prevent non-NU participants from joining. When configuring a meeting, check this box to limit access. This step alone will prevent most, if not all, unwanted guests from joining your meeting or event. For more information see Zoom Security - Only Authenticated Users Can Join.
3. Enable the Waiting Room Feature
The Waiting Room allows you to control when each participant joins the meeting. Admit attendees one by one or hold all attendees in the virtual waiting room and admit them en masse. The former option (one by one) takes more effort, but it ensures that only participants can join if you specifically admit them. There are different Waiting Room Options available with more information available at Using Zoom's Waiting Room (northwestern.edu).
4. Meeting Password
Apply a password for all of your meetings to prevent people from joining by randomly entering Zoom meeting ID's to see what they can do to interrupt a session. Nearly all Zoombombed meetings were scheduled without passwords. For more information see Meeting and webinar passcodes – Zoom Help Center.
5. Require Registration
Scheduling a meeting that requires registration allows you to have your participants register with their e-mail, name, and other custom questions. You can also generate meeting registration reports if you want to download a list of people that registered. For more information see Managing meeting and webinar registration - Zoom Support.
6. Immediate In-Meeting Security Features
In the event your session is infiltrated, Zoom has a Security button available at the toolbar with controls to disable multiple participant features, locking the meeting, enabling the waiting room, or all of the above via the Suspend Participant Activities option. The latter option will allow you to effectively start your meeting over with participants placed in the waiting room so you can safely re-admin invited participants. For more information see In-meeting security options – Zoom Help Center.
7. In-Meeting Chat Controls
When you expand the chat window, the host or co-host can click on the three dots (in the lower right) to change how chat functions. To restrict comments from being visible to everyone and protecting the session, consider this change. By setting the chat to Host Only, any message sent by a participant is visible only by the host. This serves as a private way to submit questions and prevents any inappropriate language from being visible. For more information see Restricting screen sharing and chat in Zoom (northwestern.edu).
b. Report the offending participant
If someone is disturbing the meeting, report the offender using the "Report" button feature under the security shield at the top left corner of your Zoom window.
Zoom Meeting - Privacy and Security Settings - ZoomBombing Disturbance Steps
If you experience a ZoomBombing incident, report the disturbance to Northwestern IT and your unit, school or college leadership.
After the meeting ends, report the incident to Northwestern IT’s Information Security Office (ISO) by emailing security@northwestern.edu. The ISO will follow up with University Police and the Office of Civil Rights and Title IX Compliance.
Please include the following details in your email:
- Date and time of disturbance
- Meeting topic
- Meeting ID
- Host name and email address
- A detailed description and any evidence of the disturbance
After reporting the disturbance to the ISO, please contact your area's IT personnel and your department chair, dean, or supervisor.
If you seek further guidance on securing your meeting or virtual event, please reach out to the servicedesk@northwestern.edu.
Your feedback on this article is welcome, and we review comments regularly. However, if you have an issue or question requiring immediate attention or want to discuss your feedback on this article, please get in touch with the Northwestern IT Service Desk at 847-49
1-4357 (1-HELP) or
consultant@northwestern.edu.