Security tips for lawyers using Zoom

Maura Mazurowski, BridgeTower Media Newswires

Social distancing has eliminated in-person interactions, causing lawyers to “meet” with clients through telephone calls or video conferencing.

One of the most popular video conferencing platforms is Zoom. Since the coronavirus outbreak, Zoom’s daily active users have shot up from approximately 10 million to 300 million as people use the platform for work meetings and social gatherings.

“[Zoom] is so successful because it’s very user friendly,” said Sharon Nelson, president of Sensei Enterprises, a digital forensics, information technology and cybersecurity firm in Fairfax, Virginia. “The clients love it, the lawyers love it and it doesn’t take any time at all to get the basics down.”

Despite its popularity, Zoom has come under a lot of scrutiny in recent weeks as more and more users began reporting privacy violations, including “Zoom-bombing,” when uninvited attendees enter video meetings in an attempt to disrupt them.

In an effort to address an onslaught of security concerns surrounding its services, Zoom announced a series of security and privacy updates being rolled out throughout the next month. One of the most significant is the decision to pause all new features to focus on security during the COVID-19 surge in users–similar to decisions made by Microsoft and Google.

“Over the next 90 days, we are committed to dedicating the resources needed to better identify, address, and fix issues proactively,” Zoom founder and CEO Eric Yuan said in a blog. “We are also committed to being transparent throughout this process. We want to do what it takes to maintain your trust.”

According to John Simek, vice president of Sensei, “end-to-end encryption” is what users are most excited about.

“End-to-end encryption means that the platform is encrypted from one end point to the other, so its data is protected throughout the entire path,” Simek said. “Even if it were intercepted, you can’t do anything with it.”

Though Nelson and Simek agree that the Zoom security updates are a welcome upgrade, they won’t do users – such as lawyers – any good if they don’t first take the time to understand the basics of the platform.

“Zoom has so intensified its security that most of its problems are now user error,” Nelson said, noting that many early instances of Zoom-bombing could have been prevented if the individual hosting a video conference had required attendees to enter a password before joining the meeting.

Since the coronavirus outbreak began, Nelson and Simek have taken it upon themselves to become master Zoom-users, teaching webinars for lawyers and other legal professionals on how to securely use the platform. Some of these “best Zoom practices” include how to schedule meetings, how to invite attendees, meeting management, meeting passwords and meeting etiquette.

Patrick Logan, founder of SELTEK in Richmond, offers top 10 tips for Zoom hosts to use to ensure security during business meetings:

• Use a password to allow entry.

• Do not schedule a video conference as “public.”

• Share the meeting link with invitees only.

• Set up a “waiting room” (“lobby”) before allowing entry into the meeting.

• Admit to meeting only appropriate invitees in the “waiting room” (“lobby”).

• Allow only the host to have access to “screen share.”

• Lock the meeting.

• Use “entry” or “exit” tones.

• No recordings should be allowed.

• No private chats should be allowed.

With tatewide stay-at-home orders still in place, Nelson and Simek don’t anticipate Zoom usage to drop any time soon. That’s why it’s important for lawyers to take the time now to learn the basics of the platform to eliminate security breaches and ease the stress of working from home.

“As long as Zoom is used correctly, it can be used ethically,” Nelson said. “Lawyers just need to take time to learn how to use it.”