Zoom Security

I’ve been closely following media reports about Zoom security — for example, unauthorized people “zoombombing” (infiltrating) meetings. Although some of the identified security concerns are real, experts note that Zoom has been responsive and rapidly implemented fixes. And I have yet to see a story specific to Zoom for Healthcare, the paid, HIPAA-compliant plan. At this point, I don’t think that we need to throw out the proverbial baby with the bathwater

According to David Nield at Wired, “[T]here are plenty of settings you can tweak to make Zoom a safer place for you and everyone else on the line.” Kate O’Flaherty, a cybersecurity journalist with Forbes, Nicole Nguyen at the Wall Street Journal, and the Federal Bureau of Investigation (FBI) all outline the same basic precautions

Zoom hosts should:

  • Allow Zoom to generate random Meeting IDs. Don’t use your Personal Meeting ID
  • Protect Meeting IDs. Don’t post them publicly
  • Allow Zoom to generate random passwords for each Meeting
  • Share passwords securely with invitees
  • Restrict screen sharing
  • Enable Waiting Room. This allows you to manage who enters your Meetings
  • Lock Meetings after everyone has entered. This prevents additional people from joining

The following screenshots demonstrate these settings and features (orange rectangles). Some of these are already default settings, but please verify that everything is in order in your Zoom dashboard

Zoom also allows hosts to remove participants at any point. ✸