In the context of our ongoing cyber security programme, I would like to remind colleagues of some simple steps we can take to protect Zoom events from being the subject of malicious attacks.
Please read our Stay safe using Zoom guide. The guide outlines a series of different security settings you can use when creating Zoom events.
If you are hosting a Zoom meeting, it is advisable to ensure that we have set up the meeting to ensure that attendees can only participate as we need them to, and don't have access to the full suite of tools. As the meeting organiser or host, once a Zoom meeting has started, we have access to controls which allow us to decide who can give live contributions. This means we can control both unintentional interruptions and malicious acts. The guide also advises on how to report malicious activities directly to Zoom who will investigate all such reports.
For events where you don’t need attendees to participate proactively, we have a small number of licences available for Zoom Webinars – this set up is useful for broadcast style events and further limits what attendees can do, giving you peace of mind. We should also consider if and where you publish the link to your Zoom meetings, and perhaps send it only to people who register for the event via a system such as Eventbrite.
Recently an online University event was subject to a malicious attack. The matter has been reported and is being investigated. Along with members of my ITS team, I will be meeting with School colleagues over the next few weeks to discuss these topics and seek feedback on how we can work together to make our Zoom meetings a safe space for everyone to participate. If you have a concern regarding Zoom that you would like to discuss, please do contact me directly at p.orourke@sussex.ac.uk.
Peter O’Rourke
Assistant Director, IT Operations