Zoom Video Conferencing – Who Gives a Sh*t About Security Anyway

by | Apr 14, 2020 | Covid-19, Security, Strategy

You’re stuck working at home like everyone else and your company suddenly needs to figure out how to handle team communication while the COVID-19 pandemic is happening. Someone does a quick search for tools and they find Zoom, a newer platform that is popular with millennials and getting some good press. Why go with some old dodgy system that has been around for many many years when you can use something cool, hip, and new? Zoom is super easy to use, looks cool (hey, I can have a funky background that lets me look like I’m on the beach), and is free or pretty darn inexpensive. I’m in!

During the COVID-19 pandemic, it’s still important to spend time vetting a new corporate system

Since so many people give a sh*t about cybersecurity because they think they have nothing that would make them a target, why look into the security of the new tool you plan on using for nearly all your company communications for meetings?! After all, there will be no sensitive discussions like finances, HR, strategy, sales, etc. via videoconference while we are sheltering in place for months.  So, if someone hacks in, it is no big deal, right?

Sadly, this seems to have been the predominant thinking behind video conferencing tool selection during the pandemic. Quick and easy is the most important selection criteria. Today, even Zoom wishes it had paid closer attention to cybersecurity. Remember what I’ve said about hacker trophy hunting? While Zoom has caught the ultimate demand wave during the pandemic, it has, unfortunately, been blatantly ignoring security within its own platform!!  Ultimately, this caused a perfect cybersecurity storm. Hacker sharks in the virtual waters causing panic and fiascos with a multitude of schools, companies, churches, and anyone else using the Zoom platform. Ouch!!

I’ve been accused of vulgarity. I say that’s bullsh*t.”  ― Mel Brooks

If you didn’t jump on the No-due-diligence Zoom bandwagon, good for you!

My guess is that when needed, you chose to work with a tried and true videoconferencing platform like Cisco Webex, GoToMeeting, or even your internal “boring” Microsoft Teams. These systems, for the most part, are not “cool” or cheap, but they are generally secure and reliable. They are now adding features to securely make them more fun to use too.

But, if you did…

If you are using Zoom, then at least use a passcode for all conferences and update the program to the latest version. With all the recent heat Zoom has received, it has been frantically pushing security updates and working overtime trying to rebuild its reputation as an enterprise-level solution. I hate to say it but I told you so: Cost of Ransomware Prevention Versus Recovery

The moral of the story is that security should be a part of your thinking—ALWAYS. About technology, about business, about pretty much everything these days. Make it a part of all your purchases and processes, even if you need to move fast and think it will not matter much. In the end, cybersecurity does matter and it seems to matter more with the mundane, easy, simple, little things.

Stay healthy and stay safe!

 

If you want some more recommendations, please contact me. I’ll be glad to give you the names of some of the tools our clients leverage. Shoot me an email (jahlberg[at]waident.com) or give me a call (630-547-7011)

(NOTE: We do NOT share our tool names via our posts. Cybersecurity best practices recommend NOT to because doing so creates unneeded risks as hackers are always searching for vulnerabilities).

Dig Deeper

COVID 19 + Working From Home = CyberRisk

Making Smarter Pandemic IT and Cybersecurity Decisions: Avoid Doing Good, Then Getting Hacked

Cybersecurity In The Days Of COVID-19

John Ahlberg, CEO, Waident Technology Solutions

John Ahlberg
CEO, Waident

CIO in the corporate world and now for Waident clients. John injects order and technology into business process to keep employees productive, enterprises running, and data safe.

Recovering from Cyber Risks in SMBs Using the NIST Framework

Recovering from Cyber Risks in SMBs Using the NIST Framework

A ransomware attack happens every 11 seconds. In 40% of companies that get hacked, the same organization is hit again within 9 months. I don't share that to scare you (Although, it should get your attention.) It happens because companies think they have addressed and...

Responding to Cyber Risks in SMBs Using the NIST Framework

Responding to Cyber Risks in SMBs Using the NIST Framework

Prudent business leaders and risk managers understand that identifying, protecting against, and detecting risks are necessary, albeit fallible, actions to mitigate a complex world full of risks. As we have seen from prior posts, cost, time, and resource tradeoffs...

Detecting Cyber Risks in SMBs Using the NIST Framework

Detecting Cyber Risks in SMBs Using the NIST Framework

You have been following the NIST framework and have successfully identified the areas of risk and implemented protections against them. We're now at the stage to ensure that we are able to detect any breaches that make it over the proverbial "wall." This is a CRITICAL...

Share This