Zoom Bombing

Campus Colleagues,

I want to make you aware of a new kind of phishing attack that’s growing quickly in the wake of a global switch toward teaching, learning, and working remotely — “Zoom Bombing.”  

Zoom bombing is when an unwanted participant joins your Zoom meeting. Sometimes attackers are joining just to be a nuisance, but for others, the aim is to slip in unnoticed as you share documents with protected information on them or discuss confidential data. 

While SJSU already has some extra protocols in place to help keep you secure, I want to give you some quick tips to further help you prevent Zoom bombing.

  1. Keep Meeting URLs Private – Don’t share them anywhere that’s accessible to the public. Just keep it to the group of people you’re sure you want to be there.
  2. Keep Meeting Passwords On – These are on by default, so all you have to do is put in a password when prompted and leave them on. 
  3. Lock your meetings – When a meeting is locked, no one can join. Learn how on the SJSU IT Securing Zoom Meetings page. 
  4. Double-check your Zoom Google Calendar invites – If you add a Zoom meeting to your calendar or create a Zoom meeting in your calendar using the Zoom Plug-in, the calendar entry may include the Zoom meeting password. Depending on your settings, this may expose the password to anyone who views your calendar. Make your calendar entry private or edit the entry to remove the Zoom meeting password.

For more details on each of these tips and some more information on staying secure while working from home, visit the Work Anywhere Zoom page. You can also find information on the Work Anywhere FAQ about how to send data securely using DocuSign and safely access SJSU data systems remotely. 

 

Thank You,
Hien Huynh
Information Security Officer
Division of Information Technology

Improving Your Zoom Connection

Hello everyone:

We are monitoring the critical technology issues that universities and businesses are experiencing using Zoom and their networks. We are seeing reports that there are more instances of audio or video in Zoom becoming choppy or distorted. This seems to mostly be issues of local bandwidth, PC activity, or home WiFi setups. So I wanted to send some information about what you can do to improve your online experience. 

Run a Speed Test
The first thing to do is to figure out how fast your internet is currently. You can type “internet speed test” into a search engine.  If your speed is much slower than what you’re paying for, you may want to contact your ISP.

Make sure your system requirements are correct
Make sure that the computing device you’re using supports Zoom. These are the system requirements for PC, Mac, and Linux from Zoom: https://support.zoom.us/hc/en-us/articles/201362023-System-Requirements-for-PC-Mac-and-Linux  

Use the best Internet connection you can. 

  • Wired connections are faster and more stable than wireless (WiFi or cellular) connections.
  • WiFi connections are faster and more stable than cellular (3G/4G/LTE) connections.

Plan for Zoom meetings, and as often as possible, join Zoom meetings from a location where you can use a fast, reliable, wired Internet connection. 

If you are using WiFi, check your router.
Problems with wireless connections are usually easy to fix. For detailed information about your WiFi setup, please see Enhancing Your WiFi-Powered Zoom Meeting.  Some quick tips for improving WiFi signal include:

  • Try bringing your computer or mobile device closer to the WiFi router or access point in your home or office.
  • Upgrade your WiFI router firmware. Check your WiFi router support site for firmware upgrade availability. 
  • If necessary, consider using a WiFi extender to increase the distance and strength of your WiFi signal.
  • If you use a cable connection, use a DOCSIS 3.0 or higher cable modem to improve internet performance.

Mute your microphone when you’re not speaking.
When your microphone is on, Zoom will devote part of your Internet connection to an audio stream for you, even if you are not speaking. Mute your microphone when you do not need it, and you will allow Zoom to use your Internet connection more effectively.

Stop your webcam video when you don’t need it.
If your instructor or moderator is okay with you doing so, start your video only when you need to show yourself on webcam, and stop your video when it isn’t required.

Disable HD webcam video.
Sending high definition (HD) webcam video requires more bandwidth than sending non-HD. Disabling HD video will free up more of your Internet connection for other parts of your Zoom meeting. How do I disable HD video in the Zoom Client? From within the Zoom Client: 

  • Click the “Home” tab.
  • Click ” Settings.”
  • In the Settings window that opens:
  • Click the “Video” tab.
  • Uncheck “Enable HD.”
  • Close the Settings window.

Close other, unneeded applications on your computer.
Zoom meetings can demand significant memory and processing power from your computer. Closing other applications — ones you do not need during the session — will help Zoom run better.

Avoid other activities that will steal bandwidth.
Don’t start other bandwidth-intensive activities just before, or during, a Zoom meeting. On your Zoom device—and as much as possible, on different computers and devices that share your Internet connection—avoid:

  • large downloads
  • large uploads
  • streaming video (e.g., Netflix, Hulu, YouTube)
  • cloud backups (e.g., Carbonite, CrashPlan)
  • cloud file synchronizations (e.g., OneDrive, Dropbox)
  • other high-bandwidth activities

Communicate with the instructor or moderator of your Zoom meeting.
If the best Internet connection you have for Zoom is a slow one, such as a weak cellular data connection, let the person or people running your session know ahead of time.

 

Best regards,
Bob Lim

SJSUOne Password Extension with Duo – It’s Free

We’ve heard the feedback from faculty and staff about password security and have made changes to how often password renewals will be required. Starting with our initial pilot rollout, if faculty or staff have Duo Two-Factor Authentication (2FA) active on their SJSUOne account, their password won’t expire for two years. That means no more email reminders every 180 days and no more locking yourself out when you inevitably forget it the next morning. Our goal is to always find technology solutions that add more value — that’s the competitive advantage that SJSU IT offers.

Two-Factor Authentication adds a second layer of security to your SJSUOne account. By verifying your identity using a second factor (such as a key fob or your mobile device), 2FA makes it much more difficult for anyone else to log into your account, even if they know your password.

Signing up for Duo is easy and free. Learn more about Duo 2FA and fill out the registration form on our Duo@SJSU webpage. We’ve already made enrollment mandatory for university staff, and we’re aiming to have all faculty enrolled in Duo by December 1, 2019.

We greatly appreciate everyone’s diligence and support in protecting our students’ data and enhancing the security of our campus. Thank you for your continued help and support.

Thank you,
Bob-

Gartner Blockchain Analyst Briefing Recap

This latest event in the IT Extended Education Technology Series featured an analyst briefing from Gartner’s higher education blockchain expert. Covering core concepts, use cases, and disruptive power for universities, the presentation examined this emerging technology from a top-down leadership perspective, outlining practical benefits alongside the risks and challenges. We anonymously surveyed the briefing attendees for feedback.

A Quality Presentation
Gartner Blockchain Briefing attendee satisfaction surveyOf the surveyed participants, 93.8% marked the overall quality of the event as Good, Very Good, or Excellent. Some of the respondents provided actionable feedback. One wrote, “I would love to have the a copy of the slide deck. It was extremely informative.” We contacted Gartner that day to get a copy of their deck and forwarded it out to all attendees by the next day. The presenter herself received high marks, as all respondents marked the quality of the presentation as Good, Very Good, or Excellent. “Terri [the presenter] went to details when needed/asked. Very professional. I learned new use cases for Higher Ed.”

One area we can do better is making sure the presentation fits the technical skill level of the room. Only 66% of respondents marked the relevance of the material as Very Good or Excellent with the remaining 34% marking Good. While some commented that the presentation jumped in without enough foundation, others said that it wasn’t advanced enough.

Adding Value
Gartner Blockchain Briefing value add survey question resultsRespondents valued how the presentation supplemented existing or academic knowledge of Blockchain, with 93.8% of them saying they valued it Highly, Very Highly, or Exceptionally Highly. One commented, “I’m starving for this kind of material. Very important to helping us think forward.” Exploring these kinds of cutting-edge technologies and evaluating how they could be applied to our campus is a core goal of these workshops. After the presentation, 66.6% of surveyed participants said they would support future university blockchain initiatives. Though the question was left up to interpretation, respondents were still excited about the possibility of bringing blockchain to campus, with one participant saying, “Easing processes and access to information? Heck yeah.”

Moving Forward
Interest in future IT Extended Education Technology Series events surveyThe best barometer for success, however, is the likelihood of participants to attend another similar briefing, workshop, or presentation in the future. When asked if they’d come to another IT Extended Education Technology Series event again, 94% said yes. The most requested topic for a future event was Artificial Intelligence, with 60% of those responding choosing AI. Other popular responses were Cloud Service and Cybersecurity.

Potential future workshop topics

 

Watch your inbox for information on upcoming IT Extended Education Technology Series events as we look to bring more industry experts and enterprise-grade tools to San Jose State University.

Thank you,
Bob Lim

April Support Ticket Matrix

Every month, IT support staff receive thousands of help tickets from all across campus. Tickets are acknowledged and initially responded to within the same business day and normally resolved within 48 hours. These tickets consist mainly of change reports and incident reports. Change reports happen anytime a user requires a change, such as a software upgrade or new printer install. Incident reports are filed whenever something breaks or stops working correctly. Providing above and beyond customer service on every level is the prevailing goal of the IT Division. That’s why we proactively monitor servers, network ports, and more 24/7.

April Change Reports
In April 2019, IT received 5,386 change reports. Of those, 4,568 (85%) were closed within 48 business hours, 377 (7%) were closed within 120 hours and another 199 (4%) were closed by the end of the month. This left 242 (4%) tickets open when the month ended, which includes tickets submitted late in the month that will close in early May.

April Incident Reports
In April 2019, IT received 400 change reports. Of those, 365 (91%) were closed within 48 business hours, 10 (3%) were closed within 120 hours and another 16 (4%) were closed by the end of the month. This left 9 (2%) tickets open when the month ended, which includes tickets submitted late in the month that will close in early April.

Thank you,
Bob-