Technically Speaking: Securing Your Personal Zoom Accounts

As health care providers, it is our duty to safeguard our patients’ protected information. And as professionals, it is our duty to keep private matters private. Last spring, our security team learned of multiple instances when uninvited users joined a meeting, were confronted and left the meeting without saying a word. While these incidents may have been accidents, they were suspicious enough to warrant widespread conversations regarding masking meeting details in Outlook calendar settings. Now another similar vulnerability has been brought to the fore.

This time the risk lies within Zoom. Zoom, if by some odd chance you’ve never heard of it (where have you been?), is a video conferencing platform that lets users communicate via virtual meetings. It’s a powerful tool that has, along with its competitors, allowed us to maintain productivity throughout the pandemic while also keeping safely separate from one another. Children’s has an enterprise account, but Zoom also allows individuals to create accounts of their own. Many of you have already done this, which is totally acceptable; however, individual users are often not utilizing the built-in security features that Zoom offers.  This creates a security risk.

Therefore, beginning Nov. 1, all accounts created in Zoom with a Children’s email address will require the use of the waiting room feature and meeting passwords. This change will apply to all Children’s domain accounts, whether assigned through Children’s, or self-requested through Zoom. While it may not seem like much, this will make meetings as secure as reasonably possible and keep unwanted guests out.

As a reminder, Children’s encourages the use of Zoom for meetings with 50 or more participants and Virtual Care appointments. WebEx is to be used for all other use cases.

Thank you for your cooperation, your understanding and for all you do to make our digital world safe and sound. Please contact Mark Vande Brake if you have any questions about Zoom, or reach out to me regarding any other technology issues.

Special thanks to Melissa Rappl, chief information security officer, and Mark Vande Brake, teleconference/av analyst, for their contributions to this week’s piece.

Stephen Dolter, M.D., CMIO

Leave a Reply

Your email address will not be published. Required fields are marked *