HEALTHCARE AT HOME:
THE ROWAN TECHNOLOGY REPORT
Serving the home health, home care and hospice industry since 1999.
Rethink Using Zoom for Healthcare Meetings
by Tim Rowan, Editor
Cyber-security experts are concerned, if not alarmed, by the rapid adoption of one video communication service, Zoom, over all others. For one thing they warn, it makes life easier for hackers, who only have to learn how to break into one platform. The system designed by Eric Yuan, after he and his partners sold WebEx to Cisco, was transformed overnight from a handy tool for casual family and small business conversations into an inexpensive, unsecure business meeting space. Experts are even more concerned when Zoom is used by healthcare.
A survey of recent warnings led us to two reports. The left column below explains Zoom's dangers. The report on the right offers alternatives to consider.
Should Healthcare Be Using Zoom?According to a study by online cyber-security news service "BleepingComputer," over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.
These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers.
Some of these Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Others are sold for less than a penny each.
Cybersecurity intelligence firm Cyble told BleepingComputer that around April 1st, 2020, they began to see free Zoom accounts being posted on hacker forums to gain an increased reputation in the hacker community.
These accounts are shared via text sharing sites where the threat actors are posting lists of email addresses and password combinations.
BleepingComputer's Lawrence Abrams wrote that the account details, which were taken through previous credential stuffing attacks, are posted on a number of dark web sites and hacker forums after they are sorted through and put into lists.
Abrams spoke with cybersecurity intelligence firm Cyble, which tried to warn victims after buying about 530,000 Zoom login details for about $0.0020 per account through a hacker forum.
Cyble researchers told Abrams that the accounts they bought came with the email address, password, personal meeting URL, and HostKey of each victim.
Hackers use these account credentials for nefarious uses as well as juvenile ones, including the recent trend of Zoom bombing, which has been reported by schools, governments and businesses.
Now that millions of organizations are using Zoom and other video conferencing platforms to conduct all kinds of business, cyber-criminals have shown increased interest in login details or potential vulnerabilities that can be exploited.
| If Not Zoom, Then What?
The coronavirus pandemic has irrevocably shifted the workforce, forcing many professionals to adapt to remote work. Because of this shift, more professionals than ever before are relying on video conferencing tools to conduct daily meetings or projects.
One of the apps that gained the most traction in the middle of COVID-19 was Zoom. March 2020 saw a 225% increase in Zoom connections compared to the previous month, and data usage rose by an overwhelming 877% on the platform, according to research from Wandera. However, a recent influx of security issues on Zoom has caused some fluctuation in Zoom use. Major companies including Google, SpaceX, and NASA have banned the use of Zoom across their staff.
Additionally, more than one-third of Zoom users said they now fear data leaks on the platform. For users wanting other video conferencing options, the following 10 are some of the most popular on the market.
Top 10 video conferencing platforms
Microsoft Teams is the built-in video conferencing in Office 365. However, anyone can sign up for the free version of Teams using a personal email address. The low tier version allows support for up to 300 members, guest access, one-on-one and group video/audio calls, screen sharing, and shared files up to 10GB per team. The business plans, however, offer more. Administors then have access to security, management, and compliance tools. Teams can share files up to 1TB per user and collaborate using desktop Office programs and SharePoint Online. Those versions also support online webinars and training sessions.
Microsoft's other popular product, Skype, is another well-known video chat experience. The platform supports up to 50 participants for an unlimited amount of time for free, which makes it ideal for smaller companies. The platform has a call recording feature that any member can use and allows users to save and share the recording for up to a month. Users must have the Skype app downloaded, however.
The web conferencing service from LogMein, GoToMeeting features audio and video sessions, screen sharing, and a mobile app for Android and iOS. The standard version, which allows for up to 150 team members, is offered for $14/month or $12/month annually. Medium-sized businesses can pay $19/month for the Business plan tier, which increases the range to 250 participants; and large businesses can choose the Enterprise plan that connects up to 3,000 users. Those interested in an Enterprise plan must contact GoToMeetings directly for pricing.
Another member of the LogMeIn team, Join.me is great for smaller businesses or those with a tighter budget. Audio-only meetings with screen sharing is available to anyone for up to three participants for free. Paid plans start with Lite, which is $10/host per month and allows for five meeting participants and no time limit. While video isn't an option for the lower-tier version, screen and window sharing are. Pro is $20 per month and allows for up to 250 meeting participants, 50GB of cloud storage, 10 webcam streams, recording options and scheduling. The Business edition has the features of Pro plus 1TB of cloud storage, enterprise authentication, and Salesforce integration.
Cisco Webex is another popular video conferencing platform. The free version has a significant amount to offer, with up to three users and 50 participants for 40 minutes. It also features HD video, screen-sharing and recording options. The paid plans include the Starter at $13.50/host per month with 50 attendees; the Plus at $17.95/month with 100 attendees; the Business at $26.95/month and five-license minimum for up to 200 attendees; the Enterprise plan is also an option, with pricing available upon request. The first two options allow for additional cloud storage and management features, but the Business Plan and up has single sign-on and support for Microsoft Exchange and Active Directory.
A smaller, cloud-based video conferencing service, BlueJeans offers high-quality streaming for smaller teams. Its three service options include the Me, My Team, and My Company. Under Me, users pay $19.98/month per user for up to 50 attendees. My Team is offered for $23.99/month per host, and adds 10 hours of cloud meeting recordings and a common dashboard for up to 75 users. My Company allows support for up to 150 participants and a room system calendar. Those interested in a My Company plan must contact BlueJeans directly for pricing.
AnyMeeting, under Intermedia Unite, brings together video conferencing, chat, and screen-sharing into one cloud-based platform that has VOIP capabilities and a high-level PBX system. The platform is secure, with end-to-end encryption and HIPPA features included in all editions. AnyMeeting has Starter, Lite, and Pro options that vary in cost based on the number of members an organization has. However, until 2021, users can get Pro for free.
Classic Google Hangouts for G Suite customers was retired in October 2019, but Hangouts Meet was born. This business version of the regular Hangouts allows for video meetings for G Suite subscribers, but external participants are still able to connect. The number of participants on G Suite Basic is limited to 100, but it goes up to 150 for Business, and 250 for Enterprise. To livestream with up to 100,000 audience members and record/save meetings to Drive, users will need G Suite Enterprise.
RingCentral offers an impressive free version, with up to 100 participants, unlimited one-on-one meetings, 40-minute group meetings, and desktop and application sharing. The next tier up is Meeting essentials for $14.99/month per user, which allows for unlimited group meetings and 1,000 Call Me minutes. Office Premium, from 34.99/month per user combines calling, messaging and meeting into one, facilitating team collaboration with unlimited video conferences and audio meetings.
Zoho Meetings features capabilities for webinars, training, and online meetings. The platform allows for audio, video, and screen sharing, as well as phone audio, recording, and calendar invites. Plans begin at $10/host per month for 100 participants and 10 recordings. For a webinar, plans start at $19/host per month for 25 attendees and go up to $79/host per month for 250 attendees and 25 recordings. |