Re: Zoom Communication

["Bukowski, David" <bukowski () COD EDU>]

The Zoom "security" concerns were brought up during GrimmCon yesterday.  @HackingDave (Dave Kennedy) did a great 
closing keynote speech and this was one of his topics.  He brought up the way of how the security 
professionals/researchers who publicly criticized Zoom and likened it to a bunch of kids and how they act childishly.  
It is good to bring up the security concerns, but the way it is brought up is important.  The way Zoom handled it and 
pretty much got patches out in a day is significant.  Do we see other vendors pump out fixes as they come in as fast as 
Zoom did.  Not usually.  So I commend Zoom on the prompt response they did in getting fixes issued.
It is only as secure as you are in responsible for it.  If you are lax in your deployment, then your security is going 
to be lax as well.  If you deploy it properly and have users be responsible, it is a fairly secure platform.
So a lot of the "Security Hype" was uncalled for by the media.

________________________________
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Rose, Henry 
<harose () PVAMU EDU>
Sent: Wednesday, April 15, 2020 12:54:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Zoom Communication

Hello everyone,

We sent emails, posted guidelines, and enabled some zoom security features across the board as the default. We worked 
with our academic team to send out a notice from our President and Provost on keeping safe in zoom.

We also incorporated into our security training from a general overall safe web/video conferencing guidelines for all 
platforms utilized in the environment.


Best Regards,

Henry Rose
Security Analyst II
Center for For Information Technology Excellence
P. O. Box 519, Mail Stop 1460 Prairie View, TX, 77446
Harrington Science


[cid:image001.jpg@01D04B80.E1EB84B0]<http://www.pvamu.edu/>
Follow PVAMU! [cid:image002.png@01D04B80.E1EB84B0] <http://www.facebook.com/pvamu> [cid:image003.png@01D04B80.E1EB84B0] 
<http://twitter.com/pvamu> [cid:image004.png@01D04B80.E1EB84B0] <http://www.flickr.com/photos/pvamu/sets/> 
[cid:image005.png@01D04B80.E1EB84B0] <http://www.youtube.com/pvamu>
 Rm 311E
Tel: (936) 261-9353| Fax: (936) 261-9342
Email: harose () pvamu edu<mailto:harose () pvamu edu>



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Kevin C. Kelly
Sent: Wednesday, April 15, 2020 12:09 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Zoom Communication


Hi Everyone,

Much like other institutions across the country/world, we published some recommended guidelines for our users to follow.

https://www.ias.edu/computing/services/zoom-privacy-and-security<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ias.edu_computing_services_zoom-2Dprivacy-2Dand-2Dsecurity&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=c1fI1JpYQTzQJGAkTUVYn7pvdDh-XhILh6c-O6bdouU&s=97-sfVLg3EfBFz_WzAJ6pNd_y1baPnQtPfD9np-osFc&e=>

We keep an eye on the information Zoom is providing and update this information as needed.

Thanks and stay safe everyone!

Kevin

IT Manager, School of Mathematics
Institute for Advanced Study
1 Einstein Drive
Princeton, NJ 08540
USA
On 4/15/20 11:53 AM, Pete, Andrew wrote:
Hi Everyone,

I have a question for those institutions who are utilizing Zoom.  How are you handling security and privacy concerns 
brought by users in light of all the press?  I’m interested in how you are handling things overall and specifically if 
you have sent out any communications to reassure users?  If you have sent a communication, would you be willing to 
share it?

Thanks,


Andrew Pete
Information Security Architect

New England Institute of Technology
One New England Tech Boulevard
East Greenwich, RI 02818-1205
401-780-4460 (Direct)
apete () neit edu<mailto:apete () neit edu>

[NEIT_Full_Stack_H_White_BG_PNG1]



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.educause.edu_community&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=c1fI1JpYQTzQJGAkTUVYn7pvdDh-XhILh6c-O6bdouU&s=Tg54n8MSZNXrxybCM6AR2o77bRXmgbULZYWGkQQgFfA&e=>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.educause.edu_community&d=DwMF-g&c=aKVGQ2uftgEtyjWUfhfCVjzs5Cm37_HE6-sIB-MDAow&r=FieNZpaN22lxzhpzKAafkQ&m=c1fI1JpYQTzQJGAkTUVYn7pvdDh-XhILh6c-O6bdouU&s=Tg54n8MSZNXrxybCM6AR2o77bRXmgbULZYWGkQQgFfA&e=>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community