= Zoom Best Practices =

== Zoom Passcodes (Security tightening) ==

This is to kindly inform you that you have to use passcodes (different passcodes) for each of your meetings/lectures. The passcode should be delivered to your participants on a separate channel (SMS, WhatsApp for examples). It should not be allowed to exposed to the outside. 

A passcode should have following minimum requirement

1. Have a minimum passcode length of 8 

2. Have at least simple 1 letter (a, b, c...)

3. Have at least capital 1 letter (A, B, C...)

4. Have at least 1 number (1, 2, 3...)

5. Have at least 1 special character (!, @, #...)

Further It should also be a good practice to issue a passcode very close to the start time of the meeting (few hours before the meeting/lecture start ). This should be seriously taken into account specifically when you have a large meeting/lecture where you can not individually recognize your participants.

Note: There can be some complications when you schedule a meeting through your Moodle LMS while trying to exactly follow the above. In case, you can schedule a meeting at Zoom web portal (https://learn.zoom.us) to post the meeting URL (ID) in Moodle and to send the passcode in a different channel. 


== Allow Only the Institutional(Authorized) Participants ==

Further to the previous email on the same subject of Zoom Best Practices and as the second step of tightening security, this email is to let you know, how you could restrict outsiders (unauthorized) coming in to your lectures.

Anyone who somehow got to know your meeting join URL and the passcode can join to your meeting/lecture. When you have a large number of participants in a lecture, it is not easy for you to check whether they are legitimate members. The following procedure should tell you how to make sure that only the (authorized) students of the campus/department can connect to the lecture and it will also allow you to identify exactly who connected to the lecture. The Zoom meeting report should give you the list of participants (Name, Zoom ID) and institutional identity management system give you further detail (student ID, NIC, mobile, etc) when necessary.


You have to do all four (4) steps below to get it work..


Step 01 - Get Student to own a Free Zoom Account

Please ask your students to own a Zoom account registered to the email address provided by their own campus (someone@your-campus.ac.lk). It is free, student can sign up Zoom in a few minutes. Means a student can have Zoom ID registered to his campus email address.

Optionally, If they have not been provided a campus email, You can get them to register for eduID ( at https://eduid.lk) to get an email address under MS.AC.LK (someone@ms.ac.lk); means they can have a free Microsoft Outlook email account under the domain ms.ac.lk and then to sign up Zoom.


Step 02 - Allow only Authorized Participants

When you schedule a meeting (from the Zoom web portal) check

Only authenticated users can join

under the Meeting Options. Once you checked it, only those who own a Zoom account can only join to your meeting after sign in. Guests (one who just got the URL and the passcode) can not join. But please note that anybody who own a valid Zoom ID bound to any other valid email account (email accounts not falling under ac.lk) can join ?.


Step 03 - Enable Waiting Room

When you schedule the meeting, please make sure you have enabled the Waiting Room


Step 04 - Allow Institutional Participants to Bypass the Waiting Room

    a. Sign In to Zoom web portal

    b. Select Settings  on your left

    c. Under Waiting Room Options, click on Edit Options

    d. Select the third option

            Users who are not in your account and not part of the allowed domains

    e. type your campus domain or comma separated multiple domains inside the text box.

            for examples it can be 

                    your-campus.ac.lk  only for your campus

                      or

                    ms.ac.lk  only for eduid

                       or

                    your-campus.ac.lk,ms.ac.lk  for both to be allowed

    f. Finally click the Continue button


The allowed domain can be your department domain (dept.campus.ac.lk) for further accuracy.

Now the participants from the whitelisted domain(s) will only be directly admitted to the meeting/lecture, the rest will be kept in the waiting room until you get them manually inside if you wish.

At the end of the day, your meeting report will tell you exactly who has joined to your meeting/lecture. In case of Zoom ID based on eduID, LEARN can give you additional detail of the participants (such as Name, Campus, NIC, student ID, mobile, etc). In case of Zoom ID based on their campus/department email, the campus/department should know all details.


== How to Reduce the Data Consumption ==

If one or more hosts and/or participants are keeping their video enabled most of the time at the meeting, the Zoom meeting/lecture consumes a lot of resource from the IT infrastructure of the country. It is expensive, costs millions of rupees. Bearing it should be hard for the campuses, LEARN and also local Internet Service Providers. The ISPs see it as a misuse.  Therefore, getting it free for long term might be impossible.

This message is to kindly get you aware that how you could easily keep the infrastructure very lightly loaded, hence get the data consumption reduced (below 70MB per hour). It should help more and more people to make use of the facilities (resources). It should also help ISPs to give it free for us a longer period. Further, if any charge, it should be very little.


The way to do is very simple

 1. Please advise your student to keep their Audio and Video muted during the period of entire lecture

 2. Please keep your Video off most of the time

 3. You can keep your Presentation and Audio on during the entire lecture