Zoom is one of the easiest ways for video conferencing and online presentation. Before you jump into Zoom, you should know the following.
If you are intending to use Zoom, please review these considerations:
Your data may leave Canada
Zoom may transmit your “Customer Content” (i.e. data/files that you may show, talk about, or chat about during a meeting) through geographic regions outside Canada, as it uses a number of global data centres to provide its service. Zoom may attempt to use data centres that are geographically closer to where your participants reside, or use alternate data centres to help improve the quality of transmission if certain data centres are not performing well.
If you choose to record your sessions and store them via the cloud option then this data may be stored outside of Canada, quite possibly in the USA and therefore subject to their laws around who can access it.
If you are concerned that about your customer content leaving Canada, you should not use Zoom.
Transmission of customer content is encrypted, but when it passes through the Zoom’s servers (which is how it is transmitted to meeting participants), it is technically possible for Zoom to see the customer content as it only encrypted in transmission, and not as it passes through these servers.
If you are concerned about Zoom being able see your customer content (and possibly being compelled by foreign governments to see it), then you should not use Zoom.
Zoom’s popularity has increased in large part due to its ease of use and how easy it may be to join a meeting. New types of attacks have arisen called Zoom bombings that allow unauthorized users to join meetings and show inappropriate/offensive materials. Zoom has a number of security features to prevent this, but note that this may require more actions by participants to join the meeting (e.g. entering a password).
Zoom is free to use but the free version is limited to 40 minutes duration.
Users hosting Zoom meetings should be familiar with the options that may affect the security of their meetings and the privacy of its participants.
Keeping Zoom client up to date
Like any software application bugs and flaws may exist in the Zoom software and are periodically uncovered. Some are minor and some have the potential to be serious. It’s always a good practice to keep your Zoom client up to date to have it patched against any known bugs or security flaw.
Hosts and participants should ensure the Zoom client they are using remains up to date.
Recommended settings for Zoom to minimize security and privacy risks
The following settings are strongly recommended to help minimize the security and privacy risks associated with using Zoom. We recognize that these settings may not work in all contexts (e.g. having the waiting room to admit 250 learners), and have attempted to select the options that work for the majority of cases.
When you share your meeting link on social media or other public forums, that makes your event extremely public. Anyone with the link can join your meeting if you don’t require a password or authentication.
- Require a password to enter the meeting
- Screen sharing is set to host only
- Attention tracking is set to off
- Waiting room is set to on by default so that the host must admit users
- Avoid using your Personal Meeting ID (PMI) to host public events and enable PIN.
- Lock the meeting: It’s always smart to lock your front door, even when you’re inside the house. When you lock a Zoom Meeting that’s already started, no new participants can join, even if they have the meeting ID and password (if you have required one). In the meeting, click Participants at the bottom of your Zoom window. In the Participants pop-up, click the button that says Lock Meeting.
- Remove unwanted or disruptive participants: From that Participants menu, you can mouse over a participant’s name, and several options will appear, including Remove. Click that to kick someone out of the meeting.
- Mute participants: Hosts can mute/unmute individual participants or all of them at once. Hosts can block unwanted, distracting, or inappropriate noise from other participants. You can also enable Mute Upon Entry in your settings to keep the clamor at bay in large meetings.
- Disable private chat: Zoom has in-meeting chat for everyone or participants can message each other privately. Restrict participants’ ability to chat among one another while your event is going on and cut back on distractions. This is really to prevent anyone from getting unwanted messages during the meeting.
- Turn off file transfer: In-meeting file transfer allows people to share files through the inmeeting chat. Toggle this off to keep the chat from getting bombarded with unsolicited pics, GIFs, memes, and other content.
- Waiting Room: One of the best ways to use Zoom for public events is to enable the Waiting Room feature. Just like it sounds, the Waiting Room is a virtual staging area that stops your guests from joining until you’re ready for them. Meeting hosts can customize Waiting Room settings for additional control, and you can even personalize the message people see when they hit the Waiting Room so they know they’re in the right spot. This message is really a great spot to post any rules/guidelines for your event, like who it’s intended for.
Only record meetings when necessary. When recording, record locally if possible but understand this may affect your meeting experience.
- Allow hosts to record meetings locally (i.e. on their computer)
- Allow hosts to record meetings to the cloud (i.e. on Zoom’s servers)
- Records the active speaker with shared screen
- Records an audio file
- Saves chat messages
- Display participant’s names in recording
- Record thumbnails when sharing
- Automatic record is set to off
- Only the host can download cloud recordings
- Host can delete cloud recordings
- Ask participants for consent when a recording starts
Phone numbers are masked in the participants list (e.g. they will show up as 888****123)