My Authors
Read all threads
Re: NYC blocking Zoom

I like Matthew a lot, but I don't feel this is a "dumb overreaction."

As a security admin overseeing 40K+ students and participating in communities serving over 1.5M students, I would love to shed some light on the difficulties Zoom has created for us.
First, let's start with Zoombombing. The answer seems very simple - let's add a password. The problem is that many places allowed teachers to go create their own accounts, and we had to rely on them reading email from IT.

Is that ever 100% effective?

For those of us who do have an admin console to control settings, sure we can change the settings to add a password, but that only affects future meetings (according to the console), not past meetings.

Again, communicating to teachers to change existing meetings? This is hard.
Zoom also provided no way to cancel or modify those existing meetings, so it seemed we were out of luck.

Fortunately, Zoom has done the right thing and appears to have updated all meetings for us (according to staff reports too).

support.zoom.us/hc/en-us/artic…
On to #FERPA

I think there's a big misunderstanding at NYC here. Zoom's Basic accounts do not have controls to allow us to comply with FERPA laws.

Zoom "upgraded" these Basic accounts to add those controls, so if we are setting them properly, then we are covered.
I think this is a great question.

Schools have very weird threat models. If we create accounts for students, they can use school resources to video and chat with each other in something where we have limited auditing capabilities.

This should matter.

Without going into specifics, in my network, we have had numerous luring cases, CP cases, and plenty of things we would consider "normal" for adult relationships.

Schools providing resources with no controls keeping students safe is irresponsible.

College and older? Who cares.
Now on to actual security of the product. Again, our threat model is weird.

Students will find your PoC and attempt to use it - they are awesomely curious.

Zoom's long running bad practices and how they have handled it is what bothers me. There will always be vulnerabilities.
And privacy? They have explicitly signed privacy agreements that they have broken, though these seem to have been "oversights."

I don't trust them to handle our data the way they are claiming based on previous experiences, and recent news has only made that distrust worse.
Given the choice, I think I would still stick with Zoom though.

Forcing thousands of teachers to lose existing investments and learn something new is a big deal.

The risk is students getting exposed to bad stuff, but that can happen on other poorly configured platforms too.
One last comment based on some messages - listening to your community is an important part of school culture.

I don't know the nuances of NY, but I do know we have received communication from concerned parents.

It's hard to balance this well while still valuing your community.
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Nathan McNulty

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!