Skip to content

Zoom Exception Guidelines and Best Practices for Select Faculty

NOTICE TO SELECT FACULTY
The Division of Information Technology understands that Zoom is a preference for, and has been deemed necessary by, a select number of faculty to conduct their virtual classrooms effectively this fall. At the request of the Faculty Senate, and in consultation with the Office of Internal Controls, IT is recognizing this exception and acknowledging that certain fall remote classes will be conducted via Zoom. We are providing usage guidelines and best practices for Zoom to help these select faculty have a better, safer Zoom experience. In part, these guidelines are based on recommendations from the U.S. Federal Bureau of Investigation. IT’s core responsibility remains: to protect FIT from security threats, and in this case those threats associated with Zoom. Therefore Zoom still cannot be trusted to the FIT Google Enterprise platform. Zoom continues to be an unsupported platform. FIT owns no enterprise Zoom licenses and therefore has no associated support contracts, troubleshooting documentation, or escalation paths to be able to provide support.

USAGE GUIDELINES/BEST PRACTICES
FIT Faculty who are using their own individual Zoom licenses, on their own remote (non-FIT) computing equipment, shall protect their computers, intellectual property, and the FIT network by adhering to the following Usage Guidelines/Best Practices:

1. Follow the guidelines recommended by the FBI. You can read the full FBI article here. For convenience we have listed the pertinent recommendations below:

❏ Do not make meetings or classrooms public. In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.

❏ Do not share a link to Zoom meetings on an unrestricted publicly available social media post. Provide the link directly to specific people.

❏ Manage screen sharing options. In Zoom, change screen sharing to “Host Only.”

❏ Ensure you and your students are using a Zoom version from or after January 2020. In their security update of January 2020, Zoom added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.

2. Follow these additional FIT guidelines to ensure the safety of the College:

❏ Do not use your Zoom account if you are not running an up-to-date antivirus protection program on your remote computing equipment. Read more about antivirus protection here

❏ Do not host or join Zoom meetings from inside an FIT VPN session or from inside FIT Remote Labs.

❏ Do not use your FIT Google account credentials (username and/or password) — or any other personal and financial account credentials — as your Zoom account credentials (username and/or password). Please realize that Zoom credentials have been stolen (as per credible press reporting). If your Zoom credentials are stolen, and they are the same as your FIT credentials, you have increased the College’s security risk.

❏ Do not join a Zoom meeting unless it requires a password.

❏ Do not host a Zoom meeting and record it, unless you change the default file name (of the saved recording file) after you are done.

❏ Do not click on email links, social media posts, or pop-up messages that offer to install or reinstall Zoom for you. If you need to reinstall your Zoom account, go directly to the Zoom website and follow installation steps from there.

❏ Beware of Zoom-themed phishing emails. These may purport to be from Zoom and direct the recipient to open a malicious link or attachment in order to deliver malware or steal user credentials.

The Division of Information Technology cannot reimburse anyone for individual Zoom accounts that have been or may be purchased by faculty. FIT reserves the right to limit any faculty member that we discover is not following the above guidelines/practices from further access to FIT systems in order to protect the security of the college (until the issue in question is rectified).

Please read the full Computer and Network Use Policy as published on the College’s Policy Library here