Videoconferencing service Zoom has experienced a heavy amount of publicity since the COVID-19 pandemic forced many schools to close their doors and engage in virtual lessons. The platform has been adopted everywhere from school systems to consumer virtual get-togethers – but with that added publicity came much scrutiny about the platform’s security flaws.
According to Fast Company, this week New York City’s Department of Education Chancellor Richard Carranza announced a ban on Zoom for public school systems. This is in response to a number of security and privacy issues with the Zoom platform.
The security issues have been reported often over the past several weeks. Most often referred to as a “Zoombomb,” threat actors can and have used meeting links to infiltrate Zoom sessions to display everything from racial slurs to pornographic images. In some cases, webcams have been hijacked during these sessions as well.
The videoconferencing platform came under further scrutiny when it was revealed that its iOS app had been sharing data with third parties, most notably Facebook. According to Fast Company, Letitia James, attorney general of New York, has sent a letter to Zoom requesting further information about its compliance with state laws, as this data sharing could potentially violate child privacy regulations.
Ultimately you can’t blame school systems for choosing a videoconferencing platform with a solid user interface that provides many benefits for teachers, such as muting disruptive students and screen sharing their lessons. COVID-19 struck so suddenly, and otherwise the vast majority of teachers would likely never need to conduct a virtual lesson. Specifically in K-12 environments.
Kudos to Carranza then for identifying the problem and rectifying it before things got worse. As technology managers it often feels like you need to get everything right on the first try, but pivoting from a technology that doesn’t work as you hoped is just as important as identifying new technologies in the first place.
The goal is training. Whatever platform you use (and make sure that it is one that can accomplish what teachers need) can be taught. Start with capabilities, vet cybersecurity, then train to ensure both of those come in tandem.