1. Securing a Zoom Meeting
  2. Enabling Security Settings for your Zoom Meeting
  3. Requiring Authentication for Zoom Meetings
  4. What security settings do I need for my meeting?
  5. Reporting a Zoombomber or abusive user
  6. Top 5 Security Recommendations for Zoom
  7. Zoom Data Storage
  8. Privacy and Security Resources
  9. Zoom Support

ÐÓ°ÉÔ­´´

Securing a Zoom Meeting

We recommend securing your Zoom meetings to prevent incidents of “” or other unwanted interruptions. See the resources below for more information on how to secure a Zoom meeting.

NOTE: To enhance security, authentication will be required by default for all ÐÓ°ÉÔ­´´ Zoom meetings as of August 29th, 2022. For more information, see Authentication Coming to Zoom Meetings.

Enabling Security Settings for your Zoom Meeting

As a meeting host, you have the option to enable the following security settings for your Zoom meeting:

  • Passcode – Only users who have the passcode can join the meeting.
  • Waiting Room – Only users admitted by the host can join the meeting.
  • Require Authentication to Join: Sign in to Zoom or ÐÓ°ÉÔ­´´ University AccountÐÓ°ÉÔ­´´ University Account allows only users who have securely signed into their ÐÓ°ÉÔ­´´ account to join. Sign into Zoom allows only users who have signed into any Zoom account to join.
NOTE: As of May 2nd 2022, all Zoom meetings scheduled and hosted by ÐÓ°ÉÔ­´´ Zoom users are required to have at least 1 form of security enabled. If you do not select a security feature, Zoom will enable the  for your meetings by default.

To enable security settings for a Zoom meeting:

  1. Go to .
  2. Sign in with your MyÐÓ°ÉÔ­´´One credentials. For instructions, see ÐÓ°ÉÔ­´´’s Enterprise Zoom License and Single Sign On (SSO) support page.
  3. Select the name of the meeting and click Edit or click Schedule a Meeting.
  4. Under Security, select one or more of the following options:
    • Passcode – Only users who have the passcode can join the meeting.
    • Waiting Room – Only users admitted by the host can join the meeting.
    • Require Authentication to Join: Sign in to Zoom or ÐÓ°ÉÔ­´´ University Account.
      • ÐÓ°ÉÔ­´´ University Account allows only users who have securely signed into their ÐÓ°ÉÔ­´´ account to join.
      • Sign into Zoom allows only users who have signed into any Zoom account to join.
  5. Click Save.

For more instructions, see , , .

Requiring Authentication for Zoom Meetings

The Required Authentication setting helps ensure that only ÐÓ°ÉÔ­´´ users who have securely signed into their MyÐÓ°ÉÔ­´´One (MC1) account can join the ÐÓ°ÉÔ­´´ host’s meeting.

Requiring authentication offers significant benefits, including:   

  • Allowing the pre-assignment of breakout rooms before class sessions
  • Enabling accurate attendance logs and Zoom analytics
  • Protecting meeting participants from potentially abusive Zoombombings and privacy breaches

Zoom hosts have had the option to for their meeting participants since May 2, 2022. On August 29, the setting becomes enabled by default for all meetings. 

Zoom users will still be able to disable the required authentication default and/or choose alternative security settings instead.  In cases where external guests are invited to ÐÓ°ÉÔ­´´ Zoom meetings, the host can add to bypass required authentication.  

What security settings do I need for my meeting?

Scenario Examples Security Options & Recommendations
Course-related meeting (participants have access to host’s course in Brightspace) with only registered ÐÓ°ÉÔ­´´ members
  • Department meeting: instructors within one department
  • Course office hours: TA with assigned students in a course
  • Student group work: all ÐÓ°ÉÔ­´´ students in one course
  • Course lectures: instructor host, students attend
  • Use a .
  • Enable “” in your .
  • Do not give out the passcode.
  • Only allow students to access the meeting through the Join button in the Zoom plugin in Brightspace. Do not post the meeting information anywhere else.
  • Enable the ÐÓ°ÉÔ­´´ University Authentication security setting. Students will be required to sign into their before they can access the meeting.
Course-related meeting with registered ÐÓ°ÉÔ­´´ members and external guest(s)
  • Course lectures: instructor host, students attend, guest speaker(s)
  • Small workshops: 6 or fewer participants with guest(s) external from ÐÓ°ÉÔ­´´
  • Expert Panel: ÐÓ°ÉÔ­´´ participant with 6 or fewer external guests (vendors, experts, employers, etc.)
  • Use a .
  • Enable “” in your .
  • Do not give out the passcode.
  • Only allow students to access the meeting through the Join button in the Zoom plugin in Brightspace. Do not post the meeting information anywhere else.
  • Enable the ÐÓ°ÉÔ­´´ University Authentication security setting. Students will be required to sign into their before they can access the meeting.
  • Use the to admit external guest(s).
One-on-one non-course related meetings
  • Interview for enrollment/employment
  • Sales meeting with external vendor/client
  • Meetings for personal use
  • Enable the .
  • Only admit the participant you invited to the meeting.
  • Never admit an unexpected participant, or a participant with a name you don’t recognize.
  • Optional: enable the security setting (ÐÓ°ÉÔ­´´ University Account or Sign in to Zoom) for an additional layer of security.
  • Optional: enable for an additional layer of security.
Publicly advertised meeting
  • Expert Panel or Roundtable
  • Recruiting Event
  • Non-profit events
  • Meeting with an admission fee
  • Meetings with sensitive subject material
  • Enable on your meeting.
  • Consider hosting the meeting as a . CUES supports webinar events at ÐÓ°ÉÔ­´´. Webinars provide hosts the most amount of control, and the largest amount of security.
Small, non-course related meeting with users external from ÐÓ°ÉÔ­´´
  • Interview for enrollment/employment
  • Thesis Defense
  • Meeting with vendors
  • Enable the .
  • Only admit invited participants.
  • Optional: enable for an additional layer of security.
  • Optional: Enable : Sign in to Zoom. This will require participants to sign into any Zoom account before they gain access to the waiting room.
ÐÓ°ÉÔ­´´ only non-academic large event
  • Workshops
  • Inter-department meeting
  • Administrative meetings

Reporting a Zoombomber or abusive user

For any Zoombombing or concerning behaviour in a Zoom meeting, we encourage you to notify the ÐÓ°ÉÔ­´´ Zoom
team at the .

Depending on the abusive behaviour encountered, you may also wish to report to the following
groups:

Top 5 Security Recommendations for Zoom

Keep your Personal Meeting ID (PMI) private. Don’t share your ID for public events.

Your PMI is essentially one continuous meeting. Once people know the ID number, they can join the meeting at any time. NOTE: If you DO use your Personal Meeting ID, be sure to change your passcode for each session using the instructions on the Zoom help centre.

Never share your Zoom meeting links on publicly accessible forums or syllabi.

Instead of sharing your Zoom meeting links publicly, share the link details through Brightspace. When you share a link through Brightspace,  only enrolled students can access the virtual classroom. Note: By default, new meetings are assigned a random passcode. To choose your own passcode, follow the steps outlined in Zoom’s help centre.

Use unique passwords for your Zoom meetings. Avoid re-using passwords in Zoom or anywhere.
Unique passwords are the best method of keeping your Zoom meeting secure. When you re-use a password, the likelihood that an unwanted guest could join increases. Further protect your Zoom sessions by only sharing the password shortly before the session.

Avoid publicly posting images of private and virtual class meetings.
When you share an image of your virtual class meeting and its participants, you may be sharing the full names and images of other individuals without their permission. Do not take images of Zoom meetings without the express, written permission of everyone in the Zoom session. Provincial privacy and confidentiality legislation prohibits the sharing of student’s personal information without their consent.

Keep sensitive or confidential information off of Zoom.

As a standard practice, Zoom data mines all information provided on their service. There are reports that Zoom is capturing the browser ‘tabs’ that are open at the same time as Zoom. While Zoom calls are encrypted, they are not end-to-end encrypted at ÐÓ°ÉÔ­´´. As such, Zoom meetings and recordings may be intercepted and accessed outside of your intended use. To avoid having Zoom gather this information, open Zoom in a private/incognito browser and avoid opening any additional tabs within that browser

Zoom Data Storage

Although it is subject to change in the future, Zoom data is stored as follows: 

  • Zoom Cloud Recordings (“data at rest”) is stored on USA servers. These recordings are deleted from your Recordings list after 120 days and remain in the Trash for an additional 30 days before being permanently deleted. 
  • Zoom Meetings (“data in transit”) use a variety of international servers including USA and Canada. Users have the option of enabling servers in China, Singapore, and Hong Kong; however, we would recommend caution when using enabling these servers. 

You can contact ÐÓ°ÉÔ­´´’s Privacy Office at privacy@zoom.us or security@zoom.us for more information regarding Zoom’s data storage. 

Privacy and Security Resources

Zoom Support

ÐÓ°ÉÔ­´´ Zoom Support Contact Information

Visit the

Hours of Operation:  8:30 am – 4:30 pm, Monday-Friday (excluding university holidays).

Student Technical Support

Student support for educational technology applications is provided by the ITS service desk. Student-specific Zoom resources can also be found on the ÐÓ°ÉÔ­´´ Online website.

Zoom’s Official Support Site

Visit for instructions, video tutorials, FAQs, and more. For quick support from Zoom’s technical experts, .

Phone: +1.888.799.9666 ext. 2.

Chat: Go to and click the Chat icon in the lower-right corner to chat with Zoom’s virtual assistant.

Share: ,
Short URL: /zoom/?p=61