Zoom FAQ

General

• Zoom cloud recording retention?

  • SJSU recently received direction from CSU Office of General Counsel (OGC) that instructional Zoom content from the spring 2020 semester and onward that is, or will be, and stored on the Zoom cloud should be preserved. In response to this direction, the capability for users to delete Zoom recordings from the cloud has been removed indefinitely. Recordings that are stored locally on a laptop or computer are not subject to this directive and can be deleted. 

    This directive does not require or obligate faculty or staff to record classes, or others to record meetings, training, or sessions. If you were not previously recording your classes, meetings, training, or sessions, this directive does not require you to change that practice. However, if you choose to record and store the recording on the Zoom cloud, you will be unable to delete the recording until further notice.

• Why does SJSU use Zoom as its web conferencing platform?

  • Zoom is a tool provided to the CSU through a contract with the Chancellor’s Office.

• Where can I get information about how to use Zoom?

  • We have posted a number of tips and additional information about how to keep your information secure and private.

• Can I get training on how to use Zoom?

  • Training for Zoom and many other remote instructions and learning tools are available from eCampus’ Remote Teaching Options site.

• What is Zoom Webinar?

  • The webinar feature on Zoom allows individuals to host larger rooms with tighter controls on who can speak and contribute. This mode allows the host to designate speakers and panelists for discussions. This is still a feature-rich environment, with ranked Q&As, polling, and more. It’s intended for semi-participatory broadcast-style events. It may also work for larger, lecture-style courses that don’t typically have too much discussion between the lecturer and the class.

 Privacy

• What is “Zoom-bombing” and what has Zoom done to limit Zoom-bombing?
  • Zoom-bombing occurs when uninvited “guests” disrupt a video conference. Zoom has made changes to meeting settings to help mitigate Zoom-bombing. All meetings now set all meetings to require passwords and limit screen sharing to “Host-Only" to prevent malicious document and screen sharing by default. Additional tips to help hosts can be found here.
• Can someone use Zoom to collect Zoom users’ email addresses or avatars?
  • There is a Zoom feature that may allow users within the same directory (for example, within a company) to see each others’ photos and email addresses. People who signed up for free accounts were all added into an open directory together. Using your SJSU account for Zoom avoids this problem and maintains your privacy. SJSU has our own directory, so all details of SJSU users will stay private within our directory.
• What data did Zoom allow to be shared with Facebook?

  • Zoom, like many other sites, used Facebook’s “Log In with Facebook” feature on iOS Apple devices. Although this feature Using this feature would send the user’s device information to Facebook (mobile OS type and version, the device time zone, device OS, device model and carrier, screen size, processor cores, and disk space), it did not collect sensitive personal or meeting-related data (or information or activities related to meetings, such as attendees names, notes, etc.). Zoom has removed the iOS Facebook login. Users may still  “Log In with Facebook” via a web browser but we encourage you to use your SJSU Zoom login instead. this feature to resolve this issue and now only uses web login.

• Can the host record me without my knowing?

  • Recordings are controlled by the host, but attendees at meetings are always notified when they are about to be recorded. A pop-up shows up asking for consent to record. If the participant does not wish to be recorded, they can leave the meeting.

Security

• What can I do to secure my Zoom meeting?
  • We have posted information about locking down meetings, using the waiting room feature, post-meeting security, and more.
• How is SJSU working to help keep me secure?
  • SJSU IT is taking proactive measures above and beyond what both Zoom and the CSU deem necessary in order to keep your meetings safe and private.
• How secure is Zoom?

  • The CSU CIO has said that Zoom is no less secure than any other piece of software we use. Bugs and security issues always come up in every piece of technology. What matters is the company’s response. Zoom has been transparent about their problems and has been quick to resolve them.

    That said, the strongest safety measures are ones which users control: making sure that meetings are password-protected, that meetings are links are not published publicly unless they need to be, and that hosts maintain control of their meetings for things like sharing and inviting. Zoom has already changed many of these controls to be on by default. We’ve also posted lots of information about securing Zoom sessions

• Is Zoom more secure if I use my SJSU account?

  • The Chancellor’s Office’s contract with Zoom stipulates that all documents shared within Zoom among SJSU accounts must be secured according to FERPA standards.

• Is Zoom fully encrypted?

  • There was confusion about Zoom’s claims on end-to-end encryption. Zoom has since posted a clarification on how their encryption works and the language they use. According to Yuan’s blog, “in a meeting where all of the participants are using Zoom clients, and the meeting is not being recorded, we encrypt all video, audio, screen sharing, and chat content at the sending client, and do not decrypt it at any point before it reaches the receiving clients.”

• Can a hacker turn on my mic or camera though the Zoom app?

  • Technical exploits through Mac OS opened vulnerabilities on users’ computers. A malicious party with physical access to your computer could gain additional privileges to your computer or access your webcam and microphone. As of April 2, both issues have been resolved. Your client automatically updates and should already have this fix implemented.

• Why did the New York City school district direct schools not to use Zoom?

  • You may have heard that NYC schools are pulling their support of Zoom because of security concerns. Their setup did not have the same enterprise-level security features that SJSU has in place. SJSU uses Zoom through a CSU-wide agreement by the Chancellor’s Office that obligates Zoom to protect our data. NYC Department of Education had no such central contract, and instead were using a patchwork of free versions and individual contracts.

• Can Zoom chat be used to post malicious links that expose password information?
  • Zoom’s Windows Client could enable the exploitation of a vulnerability in Windows (i.e. password stealing) that would allow attackers to steal a password in the chat area if someone clicked on a malicious link. Zoom implemented a fix on April 2 disabling these kinds of malicious links in a recent patch.

Reliability & Stability

• Can Zoom handle all of this sudden growth?

  • Zoom is used by 90,000 schools across 20 countries. They’ve grown from 10 million daily users in December 2019 to over 200 million in March. Throughout this growth, we have not received or seen any reports refuting Zoom’s reliability as a platform. Their cloud-based infrastructure has allowed them to scale rapidly.

• Why are cloud recordings slow to post?
  • There was an issue with recorded meetings being slow to get posted for later download, but that has now been much improved.
• Why is my meeting stuttering and stopping?

  • Slowdowns and lag are most often the result of a slow connection from your internet service provider (ISP). It may be worth the time to call your ISP and ask if you have an up-to-date plan or if you can temporarily upgrade your plan at a promotional rate. Many ISPs are working with individuals to ensure reliable access throughout the COVID-19 pandemic.

• If everyone is saving their recordings to our Zoom cloud, won’t we run out of space?

  • Because our agreement with Zoom comes via CSU-wide contract, we have a very large capacity for cloud recording. Even after transitioning our entire university to online instruction, we have only used 4% of our total  SJSU cloud storage capacity with Zoom. We are currently at 16% of our total cloud capacity, up from 12% at the start of online learning.

• I’m having difficulty with the integration between Canvas and Zoom scheduling. What’s wrong?

  • Both IT and eCampus are aware that Canvas integration with Zoom’s scheduling feature does not work. This is because we are using an older version of the tool that enables Zoom integration. For now, we’re recommending that you cut-and-paste the URLs generated in Zoom. SJSU’s eCampus department is intentionally waiting to update the tool because they do not want to disrupt any current systems. The fix should be straightforward, but if something goes wrong, we don’t want it to happen right now.

Zoom for Healthcare

• What is Zoom for Healthcare?

  • The Health Insurance Portability and Accountability Act (HIPAA) lays out privacy and security standards that protect the confidentiality of patient health information. In terms of video conferencing, the solution and security architecture must, among others, provide meeting access controls so data in transit cannot be intercepted. You can find a full list of controls enabled for Zoom for Healthcare on our page.

• How can I access Zoom for Healthcare?
  • To use Zoom for Healthcare, you need to be associated with an SJSU organization which has been assigned Zoom for Healthcare licenses by our administrators. If you work in a healthcare environment in association with SJSU, it is likely your group has already transitioned over to this environment. However, if you feel your team or organization needs to be using Zoom for Healthcare and aren’t currently, please submit a request through the Information Security Office.