Author Archives: Bob Lim

Proactive Zoom Security Measures

Dear Colleagues: 

You may have read recent articles and news stories regarding security and privacy concerns with Zoom. As much of what we previously did face-to-face is now happening over Zoom, it’s important we understand what potential security issues exist within this platform, how some of these concerns may be addressed by enabling existing Zoom security features, and the new measures Zoom is taking to protect its users. SJSU IT and eCampus is committed to working with faculty, students, and staff to ensure appropriate security precautions are in place and to relaying our community’s concerns to Zoom.     

SJSU IT is actively monitoring news coverage of Zoom. Our Information Security Officer and Zoom account administrator are reviewing reports from information security researchers who have uncovered and documented vulnerabilities as they are published. We are in daily contact with other CSU Zoom administrators, Information Security Officers, and security industry leaders to ensure we understand the ramifications of any issues.  

eCampus and SJSU IT Resources
SJSU IT and eCampus have created an extensive Zoom FAQ, available here, answering questions found on various websites and forums. Ongoing training for Zoom is available from eCampus and within the next few days. eCampus will also be rolling out new training for faculty on Zoom security, privacy, and the Do’s & Don’ts of working with Zoom. We’re also sharing a quick-reference Do’s and Don’ts sheet.

SJSU IT Proactive Changes to Zoom Defaults
To improve overall Zoom meeting security and control who joins a Zoom meeting, we will be changing the default setting to only allow authenticated users to join meetings. This will require all participants to authenticate to SJSU Single Sign On before entering a meeting. Hosts will be able to change this default setting to not requiring authentication when scheduling a meeting with external participants. Please look for a message in the next few days with additional details and the specific date this change will be made. 

Zoom’s New Security Toolbar Icon for Hosts
Meeting hosts will now see an option in the Zoom meeting controls called Security. Visible only to hosts and co-hosts of Zoom Meetings, the new Security icon provides easy access to several existing Zoom security features. The Security icon replaces the Invite button in the meeting controls. The Invite button has been moved to the Manage Participants panel, and hosts can add additional guests there. This new icon will help hosts quickly find and enable many of Zoom’s in-meeting security features.

Zoom toolbar with new security button

By clicking the Security icon, hosts and co-hosts have an all-in-one place to quickly:

  • Lock the meeting
  • Enable the Waiting Room (even if it’s not already enabled)
  • Remove participants
  • Restrict participants’ ability to:
    • Share their screens
    • Chat in a meeting
    • Rename themselves
    • Annotate on the host’s shared content

Google Hangouts Meet Added to Canvas
In order to provide our faculty with additional options who are hosting small-session discussions, eCampus and SJSU IT have enabled Hangouts Meet as an option in Canvas.

It is also important to note that the Chancellor’s Office carefully assessed Zoom’s security provisions during the procurement process and ensured that the systemwide contract prohibits the company from selling personal data from any member of our CSU community. Based on what is known today, the Chancellor’s Office does not perceive that Zoom puts students’ staff or faculty members’  privacy at risk when used with good practices.   

While we use Zoom as part of our CSU-provided and vetted set of online tools, we are not advocating for Zoom. It is up to individual community members to decide if Zoom is the appropriate tool for their needs. To assist you in making this important decision, SJSU IT has developed and shared a frequently asked questions and answers document relating to Zoom use, privacy, and security and will keep you up-to-date on any Zoom issues that may impact our SJSU community. If you have any questions, please do not hesitate to reach out to us.  

 

Best regards, 

Hien Huynh
Information Security Officer

Simon Rodan
Professor, College of Business, Statewide Senator and liaison to the statewide Information Technology Advisory Committee  

Bob Lim
VP Information Technology and Chief Information Officer 

Ahmed Banafa
Cybersecurity Expert and Faculty member at the College of Engineering

Leslie Albert
Associate Professor, College of Business, Director of the Center for Organizational Resilience

Thank you for your support!

Dear Colleagues.

I hope this message finds you and your family all safe and healthy! I never could have imagined the challenges and changes of the last two months. As I take a moment to reflect, I am astounded by all we have accomplished. I am also extremely proud of you and your dedication to SJSU and SJSU IT. It is my pleasure to be part of such an incredible division.

So, what exactly did we accomplish? Within four short days of President Papazian announcing the shift to online modality, we transitioned an institution of almost 40,000 individuals from a traditional campus-centric university to a completely mobile campus, where approximately 36,000 students are learning remotely, 2100 faculty are teaching remotely, and 1500 staff are working remotely! This is truly amazing.

Thinking back to the first week of shelter in place, I remember a conversation that I had with an SJSU IT employee. We were working on the campus’s transition to the remote work environment, and he said, “You know, three years ago we would not have been in a situation to be able to do this.” And he was right!

In 2017 our President, Mary Papazian, elevated SJSU IT to a division level and shared her vision that technology would play a critical role in the digital transformation of SJSU. She and her cabinet invested in emerging technologies and dramatically increased technology funding. With Mary’s direction and support, we also established strong industry partnerships with technology leaders like IBM and LinkedIn. Our campus’ digital transformation – over the last three years – has provided the building blocks for a solid IT foundation, one that is scalable and modern.

We upgraded our networks and VPN, creating a more mobile and secure campus with higher bandwidth; transitioned from desktops to laptops, so people could work where they need to work; added analytics capabilities to evaluate our service quality and build our online support model; and changed our service model to maximize support for students, faculty, staff, and researchers.

We also shifted key communication and collaboration platforms:

  • WebEx to Zoom for cutting-edge video conferencing

  • Jabber (chat capability) to a much more user-friendly Google Hangout Chat

  • Announce to Marketo for prompt emails and an enterprise solution with analytics capabilities

What this all means is we had the right infrastructure in place to transition to a mobile campus, right when we needed it.

When called to help, everyone in our division mobilized and swiftly worked together to support our transition to online teaching and telecommuting. Your dedication, flexibility, and professionalism were unprecedented as you planned, shifted hours and responsibilities, and reprioritized work to meet new demands. Specifically, with very limited human resource capital, we formed a rapid response team, created a rapid response triage model, and extended coverage. Back-end engineers now respond to emergency tickets within five minutes from 7 a.m. to 10 p.m. Front-end engineer customer service staff have a target closure time of 10 minutes for teaching-related issues. And this is the shortlist of the many critical steps you took to ensure our success!

Did I mention, all of this great work has been accomplished while transitioning yourselves to remote workspaces and taking care of your own families? Thank you for all you have done, and all you continue to do!

We may face more challenges in the next few weeks and months as we manage the issues surrounding COVID-19, but remember, we are a resourceful and resilient community. Together, we will come out stronger on the other side.

Tomorrow, Tuesday, March 31, is an SJSU holiday. Please take this opportunity to relax and spend some quality time with those you care about. Each of you deserves some downtime – please rest, stay healthy, and be safe!

Sincerely,
Bob Lim

Zoom Bombing

Campus Colleagues,

I want to make you aware of a new kind of phishing attack that’s growing quickly in the wake of a global switch toward teaching, learning, and working remotely — “Zoom Bombing.”  

Zoom bombing is when an unwanted participant joins your Zoom meeting. Sometimes attackers are joining just to be a nuisance, but for others, the aim is to slip in unnoticed as you share documents with protected information on them or discuss confidential data. 

While SJSU already has some extra protocols in place to help keep you secure, I want to give you some quick tips to further help you prevent Zoom bombing.

  1. Keep Meeting URLs Private – Don’t share them anywhere that’s accessible to the public. Just keep it to the group of people you’re sure you want to be there.
  2. Keep Meeting Passwords On – These are on by default, so all you have to do is put in a password when prompted and leave them on. 
  3. Lock your meetings – When a meeting is locked, no one can join. Learn how on the SJSU IT Securing Zoom Meetings page. 
  4. Double-check your Zoom Google Calendar invites – If you add a Zoom meeting to your calendar or create a Zoom meeting in your calendar using the Zoom Plug-in, the calendar entry may include the Zoom meeting password. Depending on your settings, this may expose the password to anyone who views your calendar. Make your calendar entry private or edit the entry to remove the Zoom meeting password.

For more details on each of these tips and some more information on staying secure while working from home, visit the Work Anywhere Zoom page. You can also find information on the Work Anywhere FAQ about how to send data securely using DocuSign and safely access SJSU data systems remotely. 

 

Thank You,
Hien Huynh
Information Security Officer
Division of Information Technology

Improving Your Zoom Connection

Hello everyone:

We are monitoring the critical technology issues that universities and businesses are experiencing using Zoom and their networks. We are seeing reports that there are more instances of audio or video in Zoom becoming choppy or distorted. This seems to mostly be issues of local bandwidth, PC activity, or home WiFi setups. So I wanted to send some information about what you can do to improve your online experience. 

Run a Speed Test
The first thing to do is to figure out how fast your internet is currently. You can type “internet speed test” into a search engine.  If your speed is much slower than what you’re paying for, you may want to contact your ISP.

Make sure your system requirements are correct
Make sure that the computing device you’re using supports Zoom. These are the system requirements for PC, Mac, and Linux from Zoom: https://support.zoom.us/hc/en-us/articles/201362023-System-Requirements-for-PC-Mac-and-Linux  

Use the best Internet connection you can. 

  • Wired connections are faster and more stable than wireless (WiFi or cellular) connections.
  • WiFi connections are faster and more stable than cellular (3G/4G/LTE) connections.

Plan for Zoom meetings, and as often as possible, join Zoom meetings from a location where you can use a fast, reliable, wired Internet connection. 

If you are using WiFi, check your router.
Problems with wireless connections are usually easy to fix. For detailed information about your WiFi setup, please see Enhancing Your WiFi-Powered Zoom Meeting.  Some quick tips for improving WiFi signal include:

  • Try bringing your computer or mobile device closer to the WiFi router or access point in your home or office.
  • Upgrade your WiFI router firmware. Check your WiFi router support site for firmware upgrade availability. 
  • If necessary, consider using a WiFi extender to increase the distance and strength of your WiFi signal.
  • If you use a cable connection, use a DOCSIS 3.0 or higher cable modem to improve internet performance.

Mute your microphone when you’re not speaking.
When your microphone is on, Zoom will devote part of your Internet connection to an audio stream for you, even if you are not speaking. Mute your microphone when you do not need it, and you will allow Zoom to use your Internet connection more effectively.

Stop your webcam video when you don’t need it.
If your instructor or moderator is okay with you doing so, start your video only when you need to show yourself on webcam, and stop your video when it isn’t required.

Disable HD webcam video.
Sending high definition (HD) webcam video requires more bandwidth than sending non-HD. Disabling HD video will free up more of your Internet connection for other parts of your Zoom meeting. How do I disable HD video in the Zoom Client? From within the Zoom Client: 

  • Click the “Home” tab.
  • Click ” Settings.”
  • In the Settings window that opens:
  • Click the “Video” tab.
  • Uncheck “Enable HD.”
  • Close the Settings window.

Close other, unneeded applications on your computer.
Zoom meetings can demand significant memory and processing power from your computer. Closing other applications — ones you do not need during the session — will help Zoom run better.

Avoid other activities that will steal bandwidth.
Don’t start other bandwidth-intensive activities just before, or during, a Zoom meeting. On your Zoom device—and as much as possible, on different computers and devices that share your Internet connection—avoid:

  • large downloads
  • large uploads
  • streaming video (e.g., Netflix, Hulu, YouTube)
  • cloud backups (e.g., Carbonite, CrashPlan)
  • cloud file synchronizations (e.g., OneDrive, Dropbox)
  • other high-bandwidth activities

Communicate with the instructor or moderator of your Zoom meeting.
If the best Internet connection you have for Zoom is a slow one, such as a weak cellular data connection, let the person or people running your session know ahead of time.

Best Regards,
Bob Lim