UW-Madison Zoom - Secure Zoom Overview

This document provides an overview of what Secure Zoom is, who is eligible, the differences between a Standard Zoom and Secure Zoom account, and more.

Overview

What is Secure Zoom?

Secure Zoom is an environment that was requested by and created for the UW–‍Madison’s Health Care Component (HCC) population. It was configured in collaboration with the Office of Compliance and the Office of Cybersecurity to implement additional controls for increased security and reduce risk to meet HIPAA requirements

Effective October 5, 2021, units classified as being a Health Care Component (HCC) and groups related to these units, will be required to use a Secure Zoom account. Units who are not part of HCC and would like to join the Secure Zoom group can sign up for Secure Zoom account here: https://forms.gle/W17We3d5j3HCrPAY8 .

Eligibility

  • UW-Madison Faculty
  • UW-Madison Staff
  • UW-Madison Students
  • Important: Alumni, Emeriti, and Retirees with IT Services are not currently eligible for UW-Madison Zoom and cannot create a consumer Zoom account (https://zoom.us/) using any address ending in @wisc.edu.

What is the difference between a Standard Zoom account and a Secure Zoom account?

  • Standard Zoom account - In general, this is the default account type when a UW-Madison Zoom account is created for an eligible user.  Most account settings can be modified to meet the needs of the host and/or attendees. 
  • Secure Zoom account - Individuals with a Secure Zoom account are affiliated with the Health Care Component (HCC) based on their employee record. This account type will have more account setting restrictions to ensure individuals in the HCC are adhering to HIPAA requirements. A few account settings may be grayed out and locked to ensure enhanced security is consistent during meetings. Note: These account settings will impact attendees while they are in a meeting hosted by a Secure Zoom account. If an attendee attends a meeting hosted by any other account type, they will not be subject to the same Secure Zoom account setting restrictions.

How can I tell what type of Zoom account I have?

You can learn how to view your account type by viewing your group listing here: https://kb.wisc.edu/zoom/112923 .

Zoom desktop/mobile app version requirement 

Individuals using a Secure Zoom account and participants who attend meetings hosted by a Secure Zoom account must use a Zoom desktop or mobile app version of 5.17 or later. See below for resources:

Service accounts in Secure Zoom

We are working on formalizing a process for reviewing requests for a service account in Secure Zoom. Currently, requests are being reviewed in collaboration with the Office of Compliance. If you would like to request a service account in Secure Zoom, please contact the DoIT Help Desk and provide a detailed use case. Please note, due to the level of risk service accounts pose in Secure Zoom, very few use cases may be approved. Below are some of the risks of using a service account in Secure Zoom:

  • Duo is not enforced for service accounts.
  • Account activity logs will reflect the service account, not an individual if an incident were to occur. 
  • Individuals can share the service account's credentials.

Compare Standard Zoom and Secure Zoom account settings

Security Settings

Your settings allow you to enable or disable features for your meetings. These settings control user and meeting authentication, waiting room, and passcode requirements. The Zoom setting status indicators are:

  • Enabled: blue enabled Zoom setting
  • Disabled: gray disabled Zoom setting
Setting Description Default UW-Madison Standard Account Default UW-Madison Secure Zoom Account
Require that all meetings are secured with one security option Require that all meetings are secured with one of the following security options: a passcode, Waiting Room, or "Only authenticated users can join meetings." If no security option is enabled, Zoom will secure all meetings with Waiting Room. Disabled Enabled, Locked
Waiting Room When participants join a meeting, place them in a waiting room and require the host to admit them individually. Enabling the waiting room automatically disables the setting for allowing participants to join before host. Enabled Enabled
Waiting Room Options Everyone will go into the waiting room
  • Users not in your account
  • Users who are not in your account and not part of the allowed domains
Enabled Enabled
Require a passcode when scheduling new meetings A passcode will be generated when scheduling a meeting and participants require the passcode to join the meeting. The Personal Meeting ID (PMI) meetings are not included. Enabled Enabled
Require a passcode for instant meetings A random passcode will be generated when starting an instant meeting Enabled Enabled
Require a password for Personal Meeting ID (PMI)
  • Standard Accounts: Only meetings with Join Before Host enabled
  • Secure Zoom Accounts: All meetings using PMI
Enabled Enabled
Webinar Passcode A passcode will be generated when scheduling a Webinar and participants require the passcode to join the Webinar.
Secure Zoom Accounts require a passcode for webinars that have already been scheduled.
Enabled Enabled, Locked
Require passcode for participants joining by phone A numeric passcode will be required for participants joining by phone if your meeting has a passcode. For meeting with an alphanumeric passcode, a numeric version will be generated. Enabled Enabled
Embed passcode in invite link for one-click join Meeting passcode will be encrypted and included in the invite link to allow participants to join with just one click without having to enter the passcode. Enabled Enabled
Only authenticated users can join meetings The participants need to authenticate prior to joining the meetings, hosts can choose one of the authentication methods when scheduling a meeting. Disabled Disabled
Meeting Authentication Options
  • Standard Accounts: Sign in to Zoom (default)
  • Secure Zoom Accounts: Sign in with @wisc.edu (default)
  • Both accounts - Allow authentication options. When scheduling a meeting, the host can invite users who can bypass authentication.

If Waiting Room is enabled, phone-only users will be placed in the Waiting Room.

If Waiting Room is not enabled, phone dial-in only users will be allowed to join the meeting.

Enabled Enabled
Only authenticated users can join meetings from Web client The participants need to authenticate prior to joining meetings from web client Enabled Enabled

Schedule Meeting Settings

Your settings allow you to enable or disable features for your meetings. These settings control video, audio, and Personal Meeting IDs. The Zoom setting status indicators are:

  • Enabled: blue enabled Zoom setting
  • Disabled: gray disabled Zoom setting
Setting Description Default UW-Madison Standard Account Default UW-Madison Secure Zoom Account
Host Video Start meetings with host video on Enabled Enabled
Participants Video Start meetings with participant video on. Participants can change this during the meeting. Enabled Enabled
Audio Type Determine how participants can join the audio portion of the meeting. When joining audio, you can let them choose to use their computer microphone/speaker or use a telephone. You can also limit them to just one of those audio types. If you have 3rd party audio enabled, you can require that all participants follow the instructions you provide for using non-Zoom audio.
  • Telephone and Computer (Standard and Secure Zoom)
  • Audio Telephone
  • Computer Audio
Enabled Enabled
Join before host Allow participants to join the meeting before the host arrives Disabled Disabled
Allow Zoom Rooms to start meeting with Host Key Transfer hosting permissions from your account to the Zoom Room device. The Zoom Room will host the meeting. N/A Disabled, Locked
Enable Personal Meeting ID A Personal Meeting ID (PMI) is a 9 to 11 digit number that is assigned to your account. You can visit Personal Meeting Room to change your personal meeting settings. Learn more Enabled Enabled
Use Personal Meeting ID (PMI) when scheduling a meeting You can visit Personal Meeting Room to change your Personal Meeting settings. Disabled Disabled
Use Personal Meeting ID (PMI) when starting an instant meeting Disabled Disabled
Mute participants upon entry Automatically mute all participants when they join the meeting. The host controls whether participants can unmute themselves. Enabled Enabled
Upcoming meeting reminder Receive desktop notification for upcoming meetings. Reminder time can be configured in the Zoom Desktop Client. Enabled Enabled
Tracking Pixel - Webinar Allow webinar hosts to add a tracking pixel to Registration and Registration Successful pages to track page views. Enabled Enabled

In Meeting (Basic) Menu Settings

Your settings allow you to enable or disable features for your meetings. These settings control chat, polling, screen sharing, feedback, and reactions. The Zoom setting status indicators are:

  • Enabled: blue enabled Zoom setting
  • Disabled: gray disabled Zoom setting
Setting Description Default UW-Madison Standard Account Default UW-Madison Secure Zoom Account
Require encryption for 3rd party endpoints (SIP/H.323) By default, Zoom requires encryption for all data transferred between the Zoom cloud, Zoom client and Zoom Room. Turn on this setting to require encryption for 3rd party endpoints (SIP/H.323) as well Enabled Enabled, Locked
Chat Allow meeting participants to send a message visible to all participants
  • Check box to prevent participants from saving the chat
  • By default, allow participants to chat with Everyone
  •  
Enabled Enabled
Private chat Allow meeting participants to send a private 1:1 message to another participant. Disabled Disabled
Auto saving chats Automatically save all in-meeting chats so that hosts do not need to manually save the text of the chat after the meeting starts Enabled Enabled
Sound notification when someone joins or leaves Play sound for:
  • Standard Account: Host and co-hosts only
  • Secure Zoom Account: Everyone

When each participant joins by telephone:
  • Record and play their own voice
Enabled Enabled
Send files via meeting chat Hosts and participants can send files through the in-meeting chat Disabled Disabled, Locked
Send files via webinar chat Hosts and participants can send files through the in-meeting chat Disabled Disabled, Locked
Feedback to Zoom Add a Feedback tab to the Windows Settings or Mac Preferences dialog, and also enable users to provide feedback to Zoom at the end of the meeting Disabled Disabled
Display end-of-meeting experience feedback survey Display a thumbs up/thumbs down survey at the end of each meeting. If participants respond with thumbs down, they can provide additional information about what went wrong. Disabled Disabled
Co-host Allow the host to add co-hosts. Co-hosts have the same in-meeting controls as the host Enabled Enabled
Meeting Polling Allow host to use 'Polls' in meetings. Hosts can add polls before or during a meeting. Enabled Enabled
Meeting survey Allow host to present survey to participants once a meeting has ended.
  • Allow host to use a 3rd-party survey link
Enabled Enabled
Webinar Polling Allow host to use 'Polls' in webinars. Hosts can add polls before or during a webinar. Enabled Enabled
Webinar Survey Allow host to present surveys to attendees once a webinar has ended.
  • Allow host to use a 3rd-party survey link
Enabled Enabled
Always show meeting control toolbar Always show meeting controls during a meeting Disabled Disabled
Show Zoom windows during screen share Disabled Disabled
Screen sharing Allow host and participants to share their screen or content during meetings
Who can share?
  • Host Only
  • All Participants

Who can start sharing when someone else is sharing?
  • Host Only
  • All Participants
Enabled Enabled
Disable desktop/screen sharing for meetings you host Disable desktop or screen share in a meeting and only allow sharing of selected applications Disabled Enabled
Disable screen sharing when guests are in the meeting Guests include users who not signed in or not in the same account. Participants who dial-in via phone or join with SIP/H.323 devices will still be able to screen share. Disable Disable
Annotation Allow participants to use annotation tools to add information to shared screens
  • Allow saving of shared screens with annotations
  • Only the user who is sharing can annotate
Enabled Enabled
Whiteboard Allow host and participants to share a whiteboard during a meeting
  • Allow saving of whiteboard content
  • Auto save whiteboard content when sharing is stopped
Enabled Enabled
Remote control During screen sharing, the person who is sharing can allow others to control the shared content Disabled Disabled
Nonverbal feedback Participants in a meeting can provide nonverbal feedback and express opinions by clicking on icons in the Participants panel Enabled Enabled
Meeting Reactions Allow meeting participants to communicate without interrupting by reacting with an emoji that shows on their video. Reactions disappear after 10 seconds. Participants can change their reaction skin tone in Settings.
  • All Emojis
  • Selected emojis
Enabled Enabled
Join different meetings simultaneously on desktop Allow user to join different meetings at the same time on one desktop device. Disabled Disabled
Allow removed participants to rejoin Allows previously removed meeting participants and webinar panelists to rejoin Disabled Disabled
Allow participants to rename themselves Allow meeting participants and webinar panelists to rename themselves Disabled Disabled
Hide participant profile pictures in a meeting All participant profile pictures will be hidden and only the names of the participants will be displayed on the video screen. Participants will not be able to update their profile pictures in the meeting. Disabled Disabled

In Meeting (Advanced) Menu Settings

Your settings allow you to enable or disable features for your meetings. These settings control captions, breakout rooms, joining from a browser, and live streaming. The Zoom setting status indicators are:

  • Enabled: blue enabled Zoom setting
  • Disabled: gray disabled Zoom setting
Setting Description Default UW-Madison Standard Account Default UW-Madison Secure Zoom Account
Report participants to Zoom Hosts can report meeting participants for inappropriate behavior to Zoom's Trust and Safety team for review. This setting can be found on the Security icon on the meeting controls toolbar Enabled Enabled
Breakout room Allow host to split meeting participants into separate, smaller rooms
  • Allow host to assign participants to breakout rooms when scheduling
Enabled Enabled
Remote support Allow meeting host to provide 1:1 remote support to another participant Disabled Disabled
Closed captioning Allow host to type closed captions or assign a participant/third party device to add close captions

Standard Account:
  • Allow use of caption API Token to integrate with 3rd-party Closed Captioning services
  • Allow live transcription service to transcribe meeting automatically
  • Allow viewing of full transcript in the in-meeting side panel

Secure Account:
  • Allow use of caption API Token to integrate with 3rd-party Closed Captioning services
  • Allow live transcription service to transcribe meeting automatically
  • Allow viewing of full transcript in the in-meeting side panel
Enabled Enabled
Save captions Allow participants to save fully closed captions or transcripts Enabled Disabled, Locked
Language Interpretation Allow host to assign participants as interpreters who can interpret one language into another in real-time. Host can assign interpreters when scheduling or during the meeting.
9 languages: English, Chinese, Japanese, German, French, Russian, Portuguese, Spanish, Korean
Enabled Enabled
Far end camera control Allow another user to take control of your camera during a meeting Disabled Disabled, Locked
Group HD video Activate higher quality video for host and participants. (This will use more bandwidth.)
  • Standard HD (720P)
  • Full HD (1080P)
Enabled Enabled
Virtual background Allow users to replace their background with any selected image. Choose or upload an image in the Zoom Desktop application settings Enabled Enabled
Video filters Turn this option on to allow users to apply filters to their videos Disabled Disabled
Immersive View Allow hosts to curate case-specific scenes, such as a classroom or boardroom for their meetings or webinars. Disabled Disabled
Focus Mode A mode that shows only hosts and co-hosts' video and profile pictures during a meeting. Focus Mode can be found in the "More" menu in the in-meeting toolbar. Disabled Disabled
Identify guest participants in the meeting/webinar Participants who belong to your account can see that a guest (someone who does not belong to your account) is participating in the meeting/webinar. The Participants list indicates which attendees are guests. The guests themselves do not see that they are listed as guests Disabled Enabled
Auto-answer group in chat Enable users to see and add contacts to 'auto-answer group' in the contact list on chat. Any call from members of this group will be automatically answered Disabled Disabled
Only show default email when sending invites Allow users to invite participants by email only by using the default email program selected on their computer Disabled Disabled
Use HTML format email for Outlook plugin Use HTML formatting instead of plain text for meeting invitations scheduled with the Outlook plugin Disabled Disabled
Allow users to select stereo audio in their client settings Allow users to select stereo audio during a meeting Enabled Enabled
Allow users to invite a Room Connector Device to a meeting Enabled Enabled
Show H.323/SIP device list Show the list of H.323/SIP devices in the Call Out tab for "Invite a Room System" Enabled Enabled
Only the host can view the H.323/SIP device list Show the list of H.323/SIP devices only to the meeting host in the Call Out tab for "Invite a Room System" Disabled Disabled
Show a "Join from your browser" link Allow participants to bypass the Zoom application download process, and join a meeting directly from their browser. This is a workaround for participants who are unable to download, install, or run applications. Note that the meeting experience from the browser is limited Enabled Enabled
Show "Always Join from Browser" option when joining from join.zoom.us Allow account members to enable "Always Join from Browser" when they join meetings from join.zoom.us Disabled Disabled
Allow live streaming meetings Disabled Disabled
Allow live streaming of webinars FacebookWorkplace by FacebookYouTube
    • Custom Live Streaming Service

  • When the webinar has reached capacity, remind users to watch the live stream (doesn't apply to custom RTMP).
Enabled Disabled
Show a custom disclaimer when starting or joining a meeting Create your own disclaimer that will be shown at the start of all meetings hosted by your account. Disabled Disabled
Request permission to unmute Select this option in the scheduler to request permission to unmute meeting participants and webinar panelists. Permissions, once given, will apply in all meetings scheduled by the same person Disabled Disabled
Enable "Stop incoming video" feature Allows meeting participants to turn off all incoming video feeds on their screen (does not affect other participants’ screens). To access this feature, click the view button at the top-right corner of your screen. Enabled Enabled

Email Notification Settings

Your settings allow you to enable or disable features for your meetings. These settings control when e-mail notifications are sent to meeting hosts, alternate hosts, and participants. The Zoom setting status indicators are:

  • Enabled: blue enabled Zoom setting
  • Disabled: gray disabled Zoom setting
Setting Description Default UW-Madison Standard Account Default UW-Madison Secure Zoom Account
When a cloud recording is available Notify host when cloud recording is available
  • Send a copy to the person who scheduled the meeting/webinar for the host
  • Send a copy to the Alternate Hosts
Enabled Enabled
When attendees join meeting before host Notify host when participants join the meeting before them Enabled Enabled
When a meeting is cancelled Notify host and participants when the meeting is cancelled Enabled Enabled
When an alternative host is set or removed from a meeting Notify the alternative host who is set or removed Enabled Enabled
When someone scheduled a meeting for a host Notify the host there is a meeting scheduled, rescheduled or cancelled Enabled Enabled
When the cloud recording is going to be permanently deleted from trash Notify the host 7 days before the cloud recording is permanently deleted from trash Enabled Enabled

Other Settings

Your settings allow you to enable or disable features for your meetings. The Zoom setting status indicators are:

  • Enabled: blue enabled Zoom setting
  • Disabled: gray disabled Zoom setting

Setting Description Default UW-Madison Standard Account Default UW-Madison Secure Zoom Account
Blur snapshot on iOS task switcher Enable this option to hide potentially sensitive information from the snapshot of the Zoom main window. This snapshot display as the preview screen in the iOS tasks switcher when multiple apps are open Enabled Enabled
Direct call a room system Call a SIP/H.323 room system directly from the client.
Enable direct call to a room system from client. This adds a 'Call Room' button to the client home page.
Disabled Disabled
Invitation Email Your meeting attendees will receive emails in language based upon their browser/profile settings. Choose languages which your expected attendees will receive content in to edit. English English
Schedule Privilege You can assign users in your account to schedule meetings on your behalf. You can also schedule meetings on behalf of someone that has assigned you scheduling privilege. You and the assigned scheduler must be on a Paid plan within the same account. Enabled Enabled