Zoom Security Profiles

What:
Basic settings that should be applied to all Zoom meetings to reduce the risk of disruption and help protect user and data privacy.

Why:
Without setting these controls, you run the risk of attackers Zoom-bombing your session or accessing information without your permission.

How:

1. Set up scheduled meetings / Limit use of your Personal Meeting ID (PMI) to prevent becoming an easy, known target (Like getting your email address or telephone number)
2. Set up meetings with password protection
3. Inspect the list of participants periodically during the meeting for unexpected guests
4. Monitor and control screen sharing capabilities carefully
5. When prompted by the Zoom client, install security updates when they are released.

Who:
This applies to all faculty, staff or students who need to host a private meeting and applies to most use cases (most online class or labs, team/organization meetings etc.). Analogous to in-person meetings, these sessions should not create a data or privacy breach situation if someone was to pass-by and listen in or accidentally “walk-in” to the meeting.

What:
Additional security and privacy settings that should be considered for Zoom meetings where sensitive subjects or topics need to be addressed, or the participant list may be undefined or difficult to moderate (size, composition, etc.).

Why:
For NKU meetings, classes or labs that are usually conducted within controlled environments because of the heightened sensitivity of the subjects and discussion.

How:

1. Apply the minimum security settings, listed above
   
2. Require @nku.edu accounts for internal meetings or require email user authentication for external meetings
   
3. Disable the “Join before host” setting
   
4. Be aware of your camera view throughout the meeting (prevent bathroom or wardrobe change exposure, etc.) or disable host and participant camera usage
   
5. Mute, adjust participant settings, or remove participants before you begin your meeting

Who:
This applies to faculty, staff or students who need a higher level of security to host a private meeting for select use cases (controlled “locked door” labs, team/organization meetings, advising sessions etc.).  Analogous to in-person meetings, these sessions may create a data or privacy breach situation or expose sensitive information if someone was to pass-by and listen in or accidentally “walk-in” to the meeting.

What:
Further security and privacy settings that should considered for Zoom meetings to maximize security.

Why:
For NKU meetings, classes or labs that are conducted with more strictly controlled environments where the need to ensure security and privacy of the subjects and discussion are of utmost importance.

How:

1. Apply the MINIMUM, AND IMPROVED security settings, listed above
   
2. Consider enlisting a colleague to act as a moderator to the participants during these meetings
   
3. Use the Waiting Room option
   
4. Admit participants in the waiting room to the meeting
   
5. Lock the meeting when possible

Who:
This applies to faculty and staff who need the highest level of security to host a private meeting and applies to limited use cases (highly controlled “locked door” meetings, HR, or legal sensitive matters etc.).  Analogous to in-person meetings, these sessions would create a data or privacy breach situation if someone was to pass-by and listen in or accidentally “walk-in” to the meeting.

Note: If your meeting requires end-to-end encryption, please contact the NKU IT Help Desk to host this session.