July 6, 2021

Regardless of where you work or what you do, security matters. Zoom continues to improve the user experience so organizations from all industries can achieve seamless and secure collaboration.

  • Protecting your meetings – Zoom offers several tools to protect your meetings, helping manage participant activity, information sharing, and more.
  • Protecting your data – Communications are established using 256-bit TLS encryption and meeting, webinar and messaging Content can be encrypted using AES-256 encryption, and optional end-to-end encryption.
  • Protecting your privacy – Zoom is committed to protecting your privacy. We’ve designed policies and controls to safeguard the collection, use, and disclosure of your information.

While all of Zoom’s security features are industry-agnostic, in this article we will highlight a few key features that are vital for addressing certain sector-specific pain points.

General in-meeting controls for all industries

Each business that uses Zoom’s platform does so in a way that addresses their unique needs. Zoom Meetings comes with a security icon and set of in-meeting controls that help users across the board safeguard their meetings from uninvited guests. With these controls, hosts can:

  • Manage screen sharing
  • Lock the meeting
  • Set up two-factor authentication
  • Remove disruptive participants
  • Disable video, mute participants
  • Suspend participant activities
  • Turn off file transfer
  • Disable private chat
  • Report a user

All industries should keep these controls top of mind and train users on how to deploy them when necessary, helping to manage and secure the meeting experience.

Education

Educators need the right security tools available to help make sure their virtual classroom isn’t interrupted by outsiders or unwarranted hijinks:

  • At-Risk Meeting Notifier: Designed to proactively identify any issues with meeting privacy, the tool scans posts on public social media sites and other public online resources for Zoom Meeting links. If your class link was posted online, you’ll receive an email notification.
  • Chat Etiquette Tool: Automatically identifies keywords and text patterns in Zoom Chat and in-meeting chat and helps prevent users from sharing unwanted messages, such as those that include inappropriate language. It is important to note that the Chat Etiquette Policies are defined by account admins, not by Zoom, and that the tool does not send reports/flags to account admins or anyone else. Anyone interested in this feature should contact their customer success manager (CSM) to turn it on.
  • Waiting Room: In your meeting settings under “Security,” you can toggle on the Waiting Room, which will send everyone to the virtual waiting area where you can admit them individually or all at once. In fact, the Waiting Room feature is on by default for K-12/primary and secondary education users.
  • Certifications, attestations, and standards: Zoom complies with and helps our customers enable compliance with the Family Educational Rights and Privacy Act (FERPA), which helps protect the privacy of student educational records.

Healthcare

Whether you’re conducting telehealth appointments or connecting medical communities virtually, patient privacy and well-being are always a top priority for healthcare organizations:

  • Advanced chat encryption: Allows for a secured communication where only the intended recipient can read the secured message, which helps medical staff coordinate quickly while safeguarding private patient data.
  • Required meeting passcodes: You can create a passcode and share with patients via email so they’re required to type in the secure password to be able to join a telehealth session, helping to add an extra layer of security to the interaction.
  • Certifications, attestations, and standards: Whether you’re a solo practitioner, small clinic, or enterprise health system, Zoom helps customers enable HIPAA-compliant programs by executing a Business Associate Agreement (BAA).

Financial services

Customer trust, and therefore business viability, is contingent on security. Securing client information is vital for any financial services organization:

  • Data routing control: Zoom users have the ability to select which data centers process their data in transit, or, in other words, data that is actively moving from one location to another across the internet. You can opt in or out of each specific data center region (except your default region where your account was provisioned) for data in transit, helping to maintain more control over where information travels.
  • End-to-end encryption: When enabled, this feature uses the same 256-bit AES GCM encryption that supports standard Zoom Meetings to help encrypt communication between all meeting participants. The only difference is that the cryptographic keys are known only to the devices of the meeting participants. This means that no third party — including Zoom — has access to the meeting’s private keys.
  • Meeting and Webinar Archiving: Allows account administrators to set up an automated mechanism to collect and archive meeting data to a third-party platform of their choice and hence, satisfy FINRA and/or other compliance requirements. Unlike Cloud Recording, which saves video, audio, and chat/transcription files to the Zoom Cloud, the Archiving API collects webinar and meeting data/metadata necessary for certain compliance guidelines, as well as the audio, video, and chat files if set in the API call.
  • Certifications, attestations, and standards: We subject our services to security safeguards designed to protect the confidentiality and security of customer information. These safeguards can help our customers meet their Gramm-Leach Bliley Act, NY DFS, GDPR, and other security compliance requirements.

Government

Government institutions need to collaborate in real-time while protecting the exchange of crucial data. Zoom for Government is designed to meet the specialized requirements and needs of the U.S. Government, Zoom for Government offers the same experience as the standard Zoom platform, but is a separate platform designed to adhere to federal security standards:

  • U.S.-based staff and data centers: Zoom for Government leverages the U.S.-based GovCloud infrastructure and U.S.-based co-located data centers. It is deployed and managed by U.S. persons only. This feature is exclusive to Zoom for Government.
  • Cross-platform privacy features: Zoom has released a number of privacy features that help give Zoom and Zoom for Government customers alike more insight and control over the privacy of their meetings. These features help protect the privacy of crucial information exchanged over our platform. They include preventing participants from joining via multiple devices at the same time or from a different device after being removed from a meeting, the ability to require only authenticated users to join meetings, and more.
  • Certifications, attestations, and standards: The platform’s controls support important attestations and commitments, including FedRAMP Moderate, DOD IL2, FIPS 140-2 cryptography, HIPAA, and 300+ NIST controls.

Zoom’s technology deploys easy-to-use security features to help organizations create a realistic and scalable approach to security that will evolve as the business does.

As your telecom and IT solutions expert, REACH takes pride in keeping you connected. We leverage our expertise and resources to help you manage carrier relationships, maintain high levels of customer service, and keep your focus on allocating your employees to revenue-generating responsibilities. Leverage our full suite of services. Get in touch with us today by calling Valerie at 715-330-4200 or filling out our contact form.