Zoom Security

Zoom Security: Tips for Staying Safe in the Virtual World

We certainly live in interesting times. Like many technology companies, Dev Technology Group switched to remote-only work in March. We traded in offices in Northern Virginia, the District of Columbia and New Jersey for Zoom and Microsoft Teams. We traded in conferences rooms for video conferences. Our calendars filled up with so many meetings that we had to start reminding people to get up and take regular breaks. Stretch your legs. Drink plenty of water! And, of course, my now famous phrase “wash your hands.”

As the world around us changed, Dev Technology practiced a form of resilience at the same level I’d expect out of former Foreign Service colleagues.  We banded together and got the work done. We looked out for each other, checked in with each other, and made sure that we kept our communication channels open.

My daily job didn’t change much except what tools were getting the most attention. Overnight, Zoom usage skyrocketed (as did our Teams use). We got more data and feedback on how people were working (or sometimes not working) remotely than at any point since I started with the company last year. For a data-informed leader, it was insightful and timely.

Of course, Dev Technology wasn’t the only organization using these tools. Zoom had the sort of hockey-stick growth that looked a lot like a rocket—straight up—exceeding 200 million users in a span of weeks. As Zoom grew in popularity, so did the attention Zoom, and the people using it, received. In the last two weeks, a series of negative articles covering Zoom emerged. The volume, velocity, and severity of the issues grew to the point where even Dev Technology paused its use of Zoom to evaluate and regroup.

Dev Technology’s prohibition on using Zoom for corporate meetings lasted less than 48 hours. Zoom acknowledged and in many cases resolved the most serious problems in a matter of days. In fact, Zoom pushed two client updates inside of a week.  This commitment should be lauded.

Few technology companies can pivot this quickly or be so public about how they are addressing security and privacy. Every week, the CEO of Zoom is hosting a webinar to talk about what they are doing to continue to advance the promotion of security and privacy in the platform.

Millions are still using Zoom, and no doubt the press will continue to highlight stories that drive clicks.  The good news is that there is visible proof that Zoom is moving quickly to solve problems as they are identified. This should matter to organizations who use the software because transparency and commitment is important, and they are continually following it up with delivery. In many ways, Zoom’s actions are exactly what we would hope to see out of modern, agile companies.

In addition to changes that Zoom has to implement, there are plenty of simple things that can be done when setting up meetings. Here’s a quick list of the most important ones:

• Don’t share your Personal Meeting ID with untrusted people – Every Zoom user has a Personal Meeting ID.  This is a unique number and doesn’t change.  Once someone has this ID, they can always attempt to connect to the account owner.
• If a Personal Meeting ID is out on the Internet, change it – just like a phone number, Zoom makes it easy to change a Personal Meeting ID
• Set Passwords on your meetings, including the Personal Meeting ID – one of the simplest ways to control access to a meeting is simply set a password on it.  Zoom can autogenerate a password, or it can be set manually.
• Learn how to manage participants – Zoom provides a lot of controls for managing participants in a meeting, from muting participants on entry to booting them entirely.  Managing participants isn’t any different from managing any other social engagement and makes a difference in the outcome.
• Save recorded meetings to the cloud – And if you must locally record or download them, rename the recorded files and practice simple security best practices before saving them elsewhere.

Much like turning on two-factor authentication can significantly reduce the chances of being hacked, there are plenty of easy-to-implement and easy-to-use Zoom features that can make any meeting successful. The best part is that Zoom is a partner willing to acknowledge the challenges and implement corrective action quickly. We could all learn a lot from Zoom after this is crisis is over—and in the meanwhile we can all have safe, productive meetings with just a little planning.

/done