"Zoombombing" - How to Protect Your Meetings and Respond to Disturbances

Universities across the country have reported incidents of “Zoombombing”—when unwelcome intruders attend a Zoom session for nefarious reasons. Such intrusions are disruptive and could even result in the unintentional sharing of sensitive information. The following how-to videos and step-by-step instructions provided by Northwestern Information Technology (IT) are designed to help faculty, staff, and students understand the risks and be prepared.

How-To Videos: "Zoombombing" Protection

Northwestern IT has created the following video series to provide the University community with guidance for protecting meetings against "Zoombombing."

Reduce the Risk of "Zoombombing"

Before scheduling a Zoom meeting and enabling security features, determine if your session will include Northwestern-only participants or non-Northwestern individuals. Once you identify your audience, please review the guidance below on enabling security features for both types of meetings.

Meetings with Only Northwestern Participants

When hosting a session for only Northwestern participants, the most effective action you can take to limit "Zoombombing" is requiring individuals to authenticate with their University credentials to join. You may also supplement that security effort with added features.

Meetings that Include Non-Northwestern Participants

When hosting a session that includes non-Northwestern participants, the most effective action you can take to limit "Zoombombing" is to use a Zoom webinar. Webinars are designed so that only the host and designated panelists can share their video, audio, and screen. In addition to using a webinar, there are other best practices that can help you host online public events securely.

  • Require Authentication and Add an Authentication Exception – This is the most secure way to schedule a meeting to which you want to invite a small number of Non-Northwestern participants. Adding an authentication exception allows you to send your guests an email with a unique link that will let them join the meeting without entering a Northwestern NetID and password. Our help page shows how to add an authentication exception when scheduling a meeting.
  • Request a webinar license—For events that do not require participants to share video and audio, a webinar license from Northwestern IT can be requested at no cost. Northwestern IT has secured 500 licenses for webinars with up to 500 participants. One license for up to 1,000 participants is also available on a first-come-first-served basis. Please fill out the Zoom Webinar Request Form at least one week in advance of the event. 
  • Don’t publicize Zoom links—The more people who know the link to your meeting, the greater the likelihood of it being shared with intruders. If you have meetings that need to be shared broadly or include external participants, read more on Zoom Privacy and Security Settings.
  • Require registration—Scheduling a meeting that requires registration allows you to have your participants register with their e-mail, name, and other custom questions. You can also generate meeting registration reports if you want to download a list of people that registered.
  • Don't use your Personal Meeting ID for public meetings—Once someone knows your Personal Meeting ID, they can try joining your sessions at any moment. Never share your Personal Meeting ID online, and only use it for meetings with people you know.
  • Divide up responsibilities—If there are two hosts in a meeting, designate one person as being responsible for technical aspects, such as admitting users to the meeting, removing users, or documenting what happens in case of a “Zoombombing” incident.
  • Set a password
  • Disable "Join Before Host"
  • Enable a waiting room

Use In-Meeting Controls to Avoid Disturbances

Responding to a Meeting Disturbance

While the risk of “Zoombombing” is significantly minimized by following the tips above, it is critical that you have a plan and know how to respond and regain control of your meeting if it is disrupted.

  • Report the offending participant—If someone is disturbing the meeting, report the offender using the “Report” feature under the “Security” shield.
  • Remove a participant or put on hold—If someone is disturbing a meeting, remove them from the session. If the session is locked, they will not be able to return. Another option is to put them on hold, during which time the attendee cannot see, hear, or share anything. Both of these actions are done by clicking Manage Participants at the bottom of a Zoom meeting window.
  • Implement controls—If unable to remove the offending participant, mute all participants, and restrict screen sharing and chat.
  • Preserve evidence—Preserve information from the incident by recording the disturbance in Zoom, saving the chat, or taking screenshots and video with your mobile device.
  • Report the disturbance—After the meeting ends, report the incident to Northwestern IT’s Information Security Office (ISO) by emailing security@northwestern.edu. The ISO will follow up with University Police and the Office of Equity. Please include the following details in your email:
    • Date and time of disturbance
    • Meeting topic
    • Meeting ID
    • Host name and email address
    • A detailed description and any evidence of the disturbance
  • Notify unit, school, or college leadership—After reporting the disturbance to security@northwestern.edu, please contact your area’s IT personnel and your department chair, dean, or supervisor.

Additional Resources




Was this helpful?
0 reviews


Article ID: 2077
Tue 12/13/22 4:49 PM
Thu 9/21/23 10:29 AM