Zoombombing Resources

Quick Links:
What is Zoombombing?How to Avoid ZoombombingAdditional Zoom Security Resources

What is Zoombombing?

Many University of Miami community members are working, teaching, and learning via the video conferencing platform Zoom. Zoombombing is a form of trolling in which a participant uses Zoom's screen sharing feature to interrupt and disrupt meetings and classes.

How to Report Zoombombing

Zoom takes abusive behavior on its platform seriously and wants to ensure your meetings are secure. If you need to report a Zoombombing incident, you can do so by:

  • Reporting a participant during a meeting
  • Reporting by email, by sending the following information to trust@zoom.us:
    • Meeting ID where the incident occurred
    • Email address of the user or room that hosted the meeting
    • Date, time, and timezone when this took place 
    • Type of violation and names of any participants you would like to report

How to Avoid Zoombombing

We advise faculty to link to Zoom lectures from within Blackboard, and for all UM community members to set a password to join meetings and/or to enable the waiting room option. We also advise all UM community members to limit screen sharing to the host and disable annotation tools (see additional details below).

Open All Tabs
  • Set a Meeting Password

    Setting a strong password for your meeting can prevent unanticipated guests from joining. When scheduling a meeting, under Meeting Options, select Require meeting password, then specify a strong password (make your password at least eight characters long and use at least three of the following types of characters: lowercase letters, uppercase letters, numbers, symbols). Participants will be asked to enter this password in order to join your meeting.

  • Enable Waiting Room

    The waiting room feature allows the host to control when participants join your meeting. As the meeting host, you can admit attendees individually, or hold all attendees in the virtual waiting room and admit all when you are ready to begin. Admitting participants from the waiting room requires an additional step for the host, but provides increased control to only allow participants to join the meeting when you admit them. This feature can be enabled on a per-meeting basis when scheduling.

  • Disable Join Before Host

    If you are scheduling a meeting where sensitive information will be discussed and you do not want participants to start the meeting without you, it's best to disable join before host functionality. If you disable this functionality, participants will see a pop-up dialog that says, "Please wait for the host to start this meeting." If you are the host, there is a login button to login and start the meeting as the host. This feature can also be enabled or disabled on a per-meeting basis when scheduling.

  • Limit Screen Sharing to the Host

    This restriction can help prevent intrusive sharing and potential meeting disruptions. However, this may not be appropriate when multiple participants need to share and collaborate. To limit sharing privileges while in your meeting:

    • Click the up-arrow next to Share Screen.
    • Select Advanced Sharing Options.
    • Under Who can share, click Only Host.

  • Disable Annotation Tools for Participants

    Before the Meeting

    Change your personal settings to disable participant annotation for all future meetings.

    • Sign in to the University's Zoom portal at zoom.miami.edu.
    • Under Personal, go to Settings.
    • In the Meeting tab, review the following security setting: Annotation.
    • To disable the Annotation setting, toggle it "off."
    During the Meeting

    To disable participant annotation while you are screen sharing, follow these steps:

    • In the Screen Share menu* at the top of your meeting screen, click the More (...) button.
      • *Note: You'll only see this menu while actively sharing your screen.
    • Select the Disable Annotation for Others option from the drop-down menu.

  • Remove a Participant

    If you are the host or co-host in a session and notice an unwanted guest has joined or a participant is disruptive to your session, you have the option to remove them. To remove a participant:

    • Click Manage Participants at the bottom of the Zoom window (if the Participants panel is not already visible).
    • Next to the person you want to remove, click More.
    • From the list that appears, click Remove.

  • Lock Your Meeting

    The Zoom Host Controls allow the host or co-host to lock the meeting once all anticipated participants have joined the meeting. When a meeting is locked, no one else can join the session, regardless of having a meeting password. To lock your meeting:

    • Click Manage Participants at the bottom of the Zoom window (if the Participants panel is not already visible).
    • At the bottom of the Participants panel, click More.
    • From the list that appears, click Lock Meeting.

  • Restrict a Meeting to UM Users Only

    By default, anyone with the join link or meeting ID can join a meeting hosted by users on your account, even if they are not signed into Zoom. To prevent unknown participants from joining the session, you have the option to restrict meeting participants to users who are signed into Zoom, or only to University of Miami (UM) authenticated users.

    To only allow UM users to join a Zoom meeting, you can (a) enable this setting per meeting you are scheduling, or (b) enable it as a default setting for all meetings you create. Step by step details are listed below:

    Schedule a Zoom Meeting for Only UM Users:
    1. Open the Zoom desktop client, and select Schedule.
    2. Enter all of your Zoom meeting details. Then, at the bottom of the new meeting scheduler, select Advanced Options.
    3. Within the options menu, select Only authenticated users can join. From the drop-down menu, select All UM Users.
    4. To confirm and schedule your meeting, select Schedule.
    Set to Allow Only UM Users as Default:
    1. Access your online Zoom account by visiting zoom.miami.edu and logging in with your University of Miami CaneID and password. Once logged in, click Settings.
    2. Within the Schedule Meeting settings sub-panel, enable Only authenticated users can join meetings.
    3. Next to All UM Users, select Edit. Within the editor, you can add additional .miami.edu domains (such as *.med.miami.edu or *.rsmas.miami.edu).
    4. Select Set as default authentication option by clicking the blue check mark box. Then, click Save to confirm.

  • Use the Latest Version of the Zoom Client

    Download the latest version the Zoom client by visiting: zoom.us/download. We recommend you regularly update your Zoom client or enable automatic updates to take advantage of all the latest security and functionality features.

Additional Zoom Security Resources

Below you'll find various security articles, brought to you by Zoom:

Open All Tabs
  • 90-Day Security Plan Progress Report

    As we continue on our 90-day plan to improve the security and privacy of our platform, this week's "Ask Eric Anything" webinar focused on recent product security updates, including an end-to-end encryption update and additional security controls for account owners and admins.

    Zoom CEO Eric S. Yuan was joined by Zoom CPO Oded Gal, Zoom Head of Security Engineering Max Krohn, and Zoom Global Deputy CIO Gary Sorrentino for this week's session.

    Zoom CTO Brendan Ittelson and Lynn Haaland, Zoom Deputy General Counsel, Chief Compliance and Ethics Officer joined for the Q&A session.

    End-to-End Encryption Update 

    Following our conversations with our users and a number of advocacy organizations, we are pleased to announce that we will be offering end-to-end encryption for all of users – free and paid – as an advanced feature at no additional charge. Free users seeking access to end-to-end encryption will participate in a one-time process to verify their account, such as verifying a phone number via text message. 

    We are confident that this risk-based authentication process, combined with our current arsenal of tools, will enable us to continue to prevent and fight abuse on our platform. More information on this announcement below.

    CISO Council Update

    Our CISO council, which includes 36 members representing a variety of industries and enterprise businesses, has met three times since its inception in late April. The members of the CISO council serve as the voice of our customers, offer candid guidance and advice on security and privacy, and provide recommendations in regards to best security and privacy practices as well as feature prioritization.

    As of July 2020, the CISO council will host CISO Roundtables to give existing and prospective customers the opportunity to meet with a few members from Zoom’s CISO council and security team leaders to get an in-depth review of the security measures Zoom has taken and our 90-day security plan. Up to 40 participants at each roundtable will have the chance to ask our CISO council members and Zoom’s security team their questions, provide their insights, and join in on the conversation surrounding privacy and security. We encourage any CISOs interested in attending one of our CISO Roundtables to reach out to their Zoom account executive to reserve their spot.

    Product Update

    • Option to disable email/password for login: Account administrators can now disable the ability to log in to Zoom with an email address and password, requiring users to sign in through SSO or other third party logins that Zoom offers. 
    • Additional whitelist domain options for waiting room: Account administrators can whitelist domains beyond their own so participants can bypass the waiting room and directly join a meeting.
    • Option to disable participant annotation: Account administrators can now disable the ability for participants to annotate on a shared screen. This setting is available at the account, group, and user level.
    • Ability to Unmute All: The ability to Unmute All is now available again in meetings with fewer than 200 participants.
    • Webinar Q&A management: Hosts and panelists can delete questions and comments submitted through the Q&A and chat during a webinar, allowing them to remove questions that are inappropriate or have already been answered. 
    • Data retention policy: Account owners and admins can set the amount of time that Zoom Phone user data — call logs, ad hoc / automatic call recordings, voicemail recordings, and transcriptions — is retained.


    Here are some of the webinar attendee questions (and summarized answers) that were addressed live this week:

    Will there be fees to use Zoom's end-to-end encryption?

    No, Zoom’s end-to-end encryption will be free for both paid and free users.

    Are you still accepting feedback on Zoom's cryptography design?

    Yes. The best place to leave your feedback on our cryptography design is on Github.

    What does end-to-end encryption do, and how is it different from Zoom's AES 256 bit GCM encryption?

    With Zoom’s current Enhanced Encryption offering, encryption keys are created on Zoom’s servers and distributed to the meeting participants. Each key is randomly generated and only used for one meeting, then thrown away. In end-to-end encryption, one meeting participant generates the encryption key and uses public key cryptography to distribute this key to the other participants; Zoom’s servers never see the key. Both offerings behave similarly after the key exchange: the meeting data is encrypted with the meeting key using AES GCM encryption.

    If a meeting host enables end-to-end encryption, do other participants need to have end-to-end encryption to join the meeting?

    End-to-end encryption won’t be compatible with an older version of the Zoom client, and all participants must have an E2EE-enabled client to join the meeting.

    Will users with free accounts be forced to use end-to-end encryption for their meetings?

    No, we will not be forcing users with free accounts to use end-to-end encryption. Both free and paid users will have the option to enable end-to-end encryption for their meetings.

    How do I enable end-to-end encryption for my meetings?

    You will be able to turn end-to-end encryption on or off in the settings panel where you configure your specific meeting settings, while account owners and admins will be able to enable and disable end-to-end encryption at the account and group level. Once the meeting has started, you won’t be able to change the end-to-end encryption setting.

    Will end-to-end encryption be available for Zoom Video Webinars?

    End-to-end encryption will not be available for Zoom Video Webinars during the initial release; however, we plan to include that feature in future releases.

    What is the status of accessibility compliance for the Zoom client?

    Accessibility compliance is very important to us as we strive to provide a platform that anyone can use with ease. Users can get more information about our accessibility compliance at zoom.com/accessibility.

    Is there a limit to how many people can participate in a webinar?

    Up to 50,000 participants can join a webinar, and webinar hosts can accommodate even more viewers by streaming their webinar over Youtube, Facebook, or other streaming platforms.

    Watch the Latest "Ask Eric Anything" Recording

    If you missed the last session, you can watch the recording here:

    To give your feedback or to ask Zoom a question, send an email to answers@zoom.us. Webinar registration is now closed.

  • End-to-End Encryption Update

    Since releasing the draft design of Zoom's end-to-end encryption (E2EE) on May 22, we have engaged with civil liberties organizations, our CISO council, child safety advocates, encryption experts, government representatives, our own users, and others to gather their feedback on this feature. We have also explored new technologies to enable us to offer E2EE to all tiers of users.

    On June 17, 2020, Zoom released an updated E2EE design on GitHub. We are also pleased to share that we have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform. This will enable us to offer E2EE as an advanced add-on feature for all of our users around the globe—free and paid–while maintaining the ability to prevent and fight abuse on our platform.

    To make this possible, free/basic users seeking access to E2EE will participate in a one-time process that will prompt the user for additional pieces of information, such as verifying a phone number via a text message. Many leading companies perform similar steps on account creation to reduce the mass creation of abusive accounts. We are confident that by implementing risk-based authentication, in combination with our current mix of tools—including our Report a User function—we can continue to prevent and fight abuse.

    Additional Information
    • We began early beta of the E2EE feature in July 2020.
    • All Zoom users will continue to use AES 256 GCM transport encryption as the default encryption, one of the strongest encryption standards in use today.
    • E2EE will be an optional feature as it limits some meeting functionality, such as the ability to include traditional PSTN phone lines or SIP/H.323 hardware conference room systems. Hosts will toggle E2EE on or off on a per-meeting basis.
    • Account administrators can enable and disable E2EE at the account and group level.

    We are grateful to those who have provided their input on our E2EE design, both technical and philosophical. We encourage everyone to continue to share their views throughout this complex, ongoing process.

  • 5 Things to Know About Zoom 5.0

    We're excited to share that Zoom 5.0 is now generally available! This release delivers one of our most advanced security enhancements to date with support for AES 256-bit GCM encryption, which provides added protection for meeting data and greater resistance to tampering.

    So, what does this new encryption algorithm mean for you, and what other security functionality should users be aware of in this new release? Here are 5 things you should know about Zoom 5.0:

    1. AES 256-bit GCM Encryption

    Zoom 5.0 supports our current encryption and GCM encryption. A system-wide account enablement to GCM encryption occurred on May 30, 2020, and only Zoom clients on version 5.0 or later, including Zoom Rooms, will be able to join Zoom Meetings.

    2. Report a User Feature

    Meeting hosts and co-hosts can report a user in their meeting who is misusing the Zoom platform. Found in the Security icon, the option sends a report to Zoom's Trust & Safety team for review. The report can include a specific offense, description, and optional screenshot. The Report a User function is on by default but can be turned off at the account, group, and user level in the Zoom web portal.

    3. New Encryption Icon

    A new encryption shield appears in the upper left of your Zoom Meeting window and indicates a secure, encrypted meeting. As of May 30, the shield will be green for all users, denoting enhanced GCM encryption. Clicking the icon also takes you to the Statistics page for additional encryption details.

    4. Enhanced Data Center Information

    Meeting hosts can now select data center regions at the scheduling level for meetings and webinars. The Zoom client also shows which data center you're connected to in the Info icon in the upper left of your Zoom window. You can get additional details in-meeting by selecting Video Settings - Statistics in the meeting controls.

    5. Enhancements to Ending/Leaving Meetings

    We've refined the action of ending or leaving a Zoom Meeting to make it easier and also more secure. With a new UI update, hosts can clearly decide between ending or leaving a meeting. If the host leaves, they can now easily select a new host and have the confidence that the right person is left with host privileges.

    Additional Security Enhancements

    A few other recent Zoom security updates include:

    • Profile picture control: Account admins and hosts can disable the ability for participants to show their profile picture and also prevent them from changing it in a meeting.
    • Minimum password length: The minimum default password length will be six characters for meetings, webinars, and cloud recordings.
    • Cloud recording security: Admins and meeting hosts can set expirations on their cloud recordings and can disable the sharing of their recordings.
    Updating to Zoom 5.0

    Upgrade to Zoom 5.0 by visiting the Zoom download page.

    For additional information, check out the Zoom 5.0 webpage or the Release Notes.

  • Zoom Product Updates: Restricted Screen Sharing by Default, Consent for Unmuting and Audio Alert for the Waiting Room

    We announced several recent security updates and user interface enhancements from the product team during the May 20 "Ask Eric Anything" webinar. Here's a roundup of the main security changes to the Zoom platform:

    • Screen sharing: For single Zoom Pro accounts, screen sharing is set to Host Only by default. Hosts and co-hosts can grant access to other participants in the Security icon.
    • Consent for unmute: When a meeting host has muted a participant, they can no longer unmute that person without their consent. That participant will now receive a prompt asking for consent to be unmuted. (Note: With this feature, the option for hosts to Unmute All participants at once has been removed, but will return in a later release.)
    • New audio for waiting rooms: We've created a specific audio chime for when someone hits the waiting room, so hosts are aware that they're there. You can also enable the "Play sound when participants join or leave" feature to hear alerts when participants are coming and going.
    • Temporarily removing GIPHY: To ensure strong privacy protection for users, we've temporarily removed the GIPHY integration in Zoom Chat. Once additional technical and security measures have been deployed, we will re-enable the feature.
    • Meeting information during screen share: Participants can now access meeting information, such as meeting ID, when sharing their screen. Find it under "More" in the meeting controls.
    • Multiple login restrictions: For meetings that require registration, hosts can choose whether to allow participants to join from multiple devices. This is available under Registration Options of the meeting details section in the Zoom web portal (zoom.miami.edu).

    For additional info on all recent Zoom platform updates, check out our Release Notes.

    To learn more about securing your Zoom meetings, check out our Privacy and Security webpage for additional information and resources.

  • Zoom Acquires Keybase and Announces Goal of Developing Encryption Enhancements

    We are proud to announce the acquisition of Keybase, another milestone in Zoom's 90-day plan to further strengthen the security of our video communications platform. Since its launch in 2014, Keybase's team of exceptional engineers has built a secure messaging and file-sharing service leveraging their deep encryption and security expertise. We are excited to integrate Keybase's team into the Zoom family to help us build end-to-end encryption that can reach current Zoom scalability.

    This acquisition marks a key step for Zoom as we attempt to accomplish the creation of a truly private video communications platform that can scale to hundreds of millions of participants, while also having the flexibility to support Zoom's wide variety of uses. Our goal is to provide the most privacy possible for every use case, while also balancing the needs of our users and our commitment to preventing harmful behavior on our platform. Keybase's experienced team will be a critical part of this mission.

    Zoom Encryption Today

    Today, audio and video content flowing between Zoom clients (e.g., Zoom Rooms, laptop computers, and smartphones running the Zoom app) is encrypted at each sending client device. It is not decrypted until it reaches the recipients' devices. With the recent Zoom 5.0 release, Zoom clients now support encrypting content using industry-standard AES-GCM with 256-bit keys. However, the encryption keys for each meeting are generated by Zoom's servers. Additionally, some features that are widely used by Zoom clients, such as support for attendees to call into a phone bridge or use in-room meeting systems offered by other companies, will always require Zoom to keep some encryption keys in the cloud. However, for hosts who seek to prioritize privacy over compatibility, we will create a new solution.

    The Near Future

    Zoom will offer an end-to-end encrypted meeting mode to all paid accounts. Logged-in users will generate public cryptographic identities that are stored in a repository on Zoom's network and can be used to establish trust relationships between meeting attendees. An ephemeral per-meeting symmetric key will be generated by the meeting host. This key will be distributed between clients, enveloped with the asymmetric keypairs and rotated when there are significant changes to the list of attendees. The cryptographic secrets will be under the control of the host, and the host's client software will decide what devices are allowed to receive meeting keys, and thereby join the meeting. We are also investigating mechanisms that would allow enterprise users to provide additional levels of authentication.

    These end-to-end encrypted meetings will not support phone bridges, cloud recording, or non-Zoom conference room systems. Zoom Rooms and Zoom Phone participants will be able to attend if explicitly allowed by the host. Encryption keys will be tightly controlled by the host, who will admit attendees. We believe this will provide equivalent or better security than existing consumer end-to-end encrypted messaging platforms, but with the video quality and scale that has made Zoom the choice of over 300 million daily meeting participants, including those at some of the world's largest enterprises.

    As we do this work to further protect our users' privacy, we are also cognizant of our desire to prevent the use of Zoom's products to cause harm. To that end, we will be taking the following steps:

    • We will continue to work with users to enhance the reporting mechanisms available to meeting hosts to report unwanted and disruptive attendees.
    • Zoom does not and will not proactively monitor meeting contents, but our trust and safety team will continue to use automated tools to look for evidence of abusive users based upon other available data.
    • Zoom has not and will not build a mechanism to decrypt live meetings for lawful intercept purposes.
    • We also do not have a means to insert our employees or others into meetings without being reflected in the participant list. We will not build any cryptographic backdoors to allow for the secret monitoring of meetings.

    Next Steps

    We are committed to remaining transparent and open as we build our end-to-end encryption offering. As of May 22, we published a detailed draft cryptographic design. We will host discussion sessions with civil society, cryptographic experts, and customers to share more details and solicit feedback. Once we have assessed this feedback for integration into a final design, we will announce our engineering milestones and goals for deploying to Zoom users.

    We look forward to welcoming the Keybase team and are excited for the possibilities of what we can build together.

  • Enhanced Password Capabilities for Zoom Meetings, Webinars, and Cloud Recordings

    The Zoom team has been hard at work delivering additional features that further secure your Zoom meeting and webinar experiences. This past weekend's release included additional password protections, one of the best options for securing your meetings and webinars.

    Here's a quick overview of the new password options, Zoom's random meeting ID generator, and other Zoom platform developments.

    What's New

    Password requirements: For meetings and webinars, account owners and admins can now configure minimum meeting password requirements to adjust the minimum length and require letters, numbers, and special characters, or allow only numeric passwords.

    Random meeting IDs: One-time randomly generated meetings IDs for newly scheduled meetings and webinars will be 11 digits instead of nine. Your Personal Meeting ID (PMI) will remain the same.

    Cloud recordings: Password protection for shared cloud recordings is now on by default for all accounts. We've also enhanced the complexity of passwords on your cloud recordings. Existing shared recordings are not affected.

    • As the host, you can adjust the following options in your Zoom recording settings to manage password protection:
      • Customize the recording password to a preferred password.  To do so, log in via zoom.miami.edu and click Recordings. Next to the specific recording, click Share > scroll to Password protection > insert your custom password > click Save. Click here for step-by-step screengrabs.
      • Turn off password protection for specific recordings, as needed. To do so, log in via zoom.miami.edu and click Recordings. Next to the specific recording, click Share > scroll to Password protection and disable the option. Click here for step-by-step screengrabs.
      • Turn the recording password feature off on your Zoom account. To do so, log in via miami.edu and click Settings > Recording > scroll down to Require password to access shared cloud recordings and disable the option. Click here for step-by-step screengrabs.

    Third-party file sharing: You can once again use third-party platforms, such as Box, Dropbox, and OneDrive, to share across the Zoom platform. We temporarily disabled this feature and have restored it after a full security review of the process.

    Zoom Chat message preview: Zoom Chat users can hide the message preview for desktop chat notifications. If this is turned off, you'll simply be alerted that you have a new message without displaying any message content.

    Additionally, we've fixed issues related to missing data and delay on the Zoom Dashboard. We will continue to monitor and make improvements to dashboard and reporting performance.

    For more information on these changes, please check out the Release Notes for 4.6.11.

  • New Security Toolbar Icon for Hosts, Meeting ID No Longer Displayed

    On April 8, 2020, Zoom implemented an important update to help make your meetings more private and secure. The most visible change that meeting hosts will see is an option in the Zoom meeting controls called Security. This new icon simplifies how hosts can quickly find and enable many of Zoom's in-meeting security features.

    Visible only to hosts and co-hosts of Zoom Meetings, the Security icon provides easy access to several existing Zoom security features so you can more easily protect your meetings.

    By clicking the Security icon, hosts and co-hosts have an all-in-one place to quickly:

    Zoom recognizes that various security settings in the Zoom client, while extremely useful, were also extremely scattered. The addition of this persistent Security icon helps augment some of the default Zoom security features in your profile settings and enables Zoom users to more quickly take action to prevent meeting disruption.

    The Security icon replaces the Invite button in the meeting controls. The Invite button has been moved to the Participants panel, and hosts can add additional guests there.

    The Security icon is available in Zoom's latest release to all Zoom hosts and co-hosts in all free and paid account types on desktop (Mac & Windows), mobile (iOS & Android), iPad, and in the web client.

    Meeting ID No Longer Displayed:

    Additionally, the Zoom Meeting ID will no longer be displayed on the title toolbar. The title will simply be "Zoom" for all meetings, preventing others from seeing active meeting IDs when, for instance, Zoom screenshots are posted publicly.

    Additional Resources:

  • How to Keep Uninvited Guests Out of Your Zoom Event

    As more people use our platform and host their virtual events using Zoom, we wanted to offer up tips to ensure everyone joining an event does so with good intentions. Like most other public forums, it's possible to have a person (who may or may not be invited) disrupt an event that’s meant to bring people together.

    So, a couple of reminders on using Zoom to host public events:

    • When you share your meeting link on social media or other public forums, that makes your event extremely public. ANYONE with the link can join your meeting.
    • Avoid using your Personal Meeting ID (PMI) to host public events. Your PMI is basically one continuous meeting and you don’t want randos crashing your personal virtual space after the party's over. Learn about meeting IDs and how to generate a random meeting ID (at the 0:27 mark) in this video tutorial.
    • Familiarize yourself with Zoom's settings and features so you understand how to protect your virtual space when you need to. For example, the waiting room is an unbelievably helpful feature for hosts to control who comes and goes. (More on that below.)

    Read on for a list of Zoom features that can help you safely share your Zoom virtual cocktail hour or dance break without unwanted interruptions. Ok, Zoomer? Let's do it!

    Manage Screen Sharing

    The first rule of Zoom Club: Don't give up control of your screen. 

    You do not want random people in your public event taking control of the screen and sharing unwanted content with the group. You can restrict this—before the meeting and during the meeting in the host control bar—so that you're the only one who can screen-share.

    To prevent participants from screen sharing during a call, using the host controls at the bottom, click the arrow next to Share Screen and then Advanced Sharing Options.

    Advanced Sharing Options

    Under "Who can share?" choose "Only Host" and close the window. You can also lock the Screen Share by default for all your meetings in your web settings.

    Prevent others from screen sharing

    Manage Your Participants

    Some of the other great features to help secure your Zoom event and host with confidence:

    Authorized Attendees

    This is useful if you want to control your guest list and invite only those you want at your event — other students at your school or colleagues, for example.

    • Lock the meeting: It's always smart to lock your front door, even when you're inside the house. When you lock a Zoom Meeting that's already started, no new participants can join, even if they have the meeting ID and password (if you have required one). In the meeting, click Participants at the bottom of your Zoom window. In the Participants pop-up, click the button that says Lock Meeting.
    • Set up your own two-factor authentication: You don't have to share the actual meeting link! Generate a random Meeting ID when scheduling your event and require a password to join. Then you can share that Meeting ID on Twitter but only send the password to join via DM.
    • Remove unwanted or disruptive participants: From that Participants menu, you can mouse over a participant's name, and several options will appear, including Remove. Click that to kick someone out of the meeting.
    • Allow removed participants to rejoin: When you do remove someone, they can't rejoin the meeting. But you can toggle your settings to allow removed participants to rejoin, in case you boot the wrong person.
    • Put 'em on hold: You can put everyone else on hold, and the attendees' video and audio connections will be disabled momentarily. Click on someone's video thumbnail and select Start Attendee On Hold to activate this feature. Click Take Off Hold in the Participants list when you're ready to have them back.
    • Disable video: Hosts can turn someone's video off. This will allow hosts to block unwanted, distracting, or inappropriate gestures on video or for that time your friend’s inside pocket is the star of the show.
    • Mute participants: Hosts can mute/unmute individual participants or all of them at once. Hosts can block unwanted, distracting, or inappropriate noise from other participants. You can also enable Mute Upon Entry in your settings to keep the clamor at bay in large meetings.
    • Turn off file transfer: In-meeting file transfer allows people to share files through the in-meeting chat. Toggle this off to keep the chat from getting bombarded with unsolicited pics, GIFs, memes, and other content.
    • Turn off annotation: You and your attendees can doodle and mark up content together using annotations during screen share. You can disable the annotation feature in your Zoom settings to prevent people from writing all over the screens.
    • Disable private chat: Zoom has in-meeting chat for everyone or participants can message each other privately. Restrict participants' ability to chat amongst one another while your event is going on and cut back on distractions. This is really to prevent anyone from getting unwanted messages during the meeting.
    Try the Waiting Room 

    One of the best ways to use Zoom for public events is to enable the waiting room feature. Just like it sounds, the waiting room is a virtual staging area that stops your guests from joining until you're ready for them. It's almost like the velvet rope outside a nightclub, with you as the bouncer carefully monitoring who gets let in.

    Meeting hosts can customize waiting room settings for additional control, and you can even personalize the message people see when they hit the waiting room so they know they're in the right spot. This message is really a great spot to post any rules/guidelines for your event, like who it's intended for.

    Waiting Room message

    The waiting room is really a great way to screen who's trying to enter your event and keep unwanted guests out.

  • Zoom's Advanced Sharing Settings for Education

    Based on feedback from the education community, Zoom recently released a product enhancement to give teachers more control over their meetings.

    Host Sharing Enhancements

    As of March 26, 2020, the screen sharing settings within your account have automatically defaulted to "Only Host." This setting gives hosts sole permission to share content within their meetings by default.

    How do I give meeting participants the ability to share?

    If you'd like to give participants screen sharing permission when hosting your next meeting, simply click the arrow to the right of the Screen Sharing icon, select Advanced Sharing Options and select All Participants.

    If you'd like to re-enable participant content sharing at the account level, please visit miami.zoom.us/profile/setting > In Meetings (Basic) > Screen sharing > and select All Participants. For reference, see the screengrab below:


    Visit the Zoom Help Center for more information regarding this update.

    Sharing of Zoom Recordings

    Please note that Zoom recently turned on a setting to require a password for recordings that are sent out.

  • Best Practices for Securing Your Virtual Classrooms

    Zoom has helped thousands of schools and teachers around the world quickly shift to remote virtual learning. Click here to read the Zoom blog which highlights best practices for securing your virtual classrooms.

For more information about Zoom, including a list of features and benefits, visit the Zoom service page. For answers to commonly asked questions, review the Zoom FAQs.

If you suspect you may be a victim of Zoombombing, please contact the UMIT Service Desk at: (305) 284-6565 or help@miami.edu, as well as the IT Security team at: ciso@miami.edu.


Back to Top