Voices

Staying safe on Zoom: Important tips for advisors and clients

It’s not exactly a new word, but "zoom" has taken on an entirely new meaning since the beginning of the coronavirus pandemic and widespread stay-at-home orders.

The Zoom videoconferencing app has become almost as pervasive as the virus itself; millions of workers, friends and family members now use it daily to communicate in as close to in-person fashion as we can get under the social distancing regime.

It’s likely safer to use Zoom's web-based version through your internet browser because of additional built-in security measures, according to online security expert Kaspersky.
It’s likely safer to use Zoom's web-based version through your internet browser because of additional built-in security measures, according to online security expert Kaspersky.

Naturally, any time there’s a technological advance that becomes hugely popular, hackers are not far behind. In the case of Zoom, that has resulted in what are becoming known as Zoom bombers: those who intend to intrude on Zoom meetings that they have no business in, usually to disrupt with objectionable video or audio content. There have also been cases where hackers have utilized Zoom to obtain users’ login credentials and other information or used the Zoom platform as a vehicle for planting malware or viruses on users’ computers or servers.

A friend of mine who works at a university reports that the school’s IT department posts regular updates about Zoom security best practices, such as mandatory passwords for meetings, tips for meeting planners, and practices users should avoid.

Here are a few tips to help you stay safe while using Zoom, whether you’re doing an online meetup with friends or discussing important business with coworkers or clients.

I want my clients to stay well-informed and to feel safe at all times.

All the following applies to both the free online version and the desktop app for this specific videoconferencing tool. However, online security expert Kaspersky suggests it's probably safer to use the web-based version through your internet browser because of additional built-in security measures. As with any internet-based application, though, you should always utilize a strong password for your account that is not easy to guess. It’s also wise to require two-factor authentication (usually, a text message to your mobile phone with a verification code that you enter during the sign-in process) for logging in.

1. Always use a meeting password.
This will soon become mandatory on the Zoom platform, specifically, but even before that happens, you should always set up a password for any meeting you are hosting with your clients. You should also avoid logging in as a participant to a Zoom meeting where a password isn’t required. This is the single best defense against hackers.

2. Enable and use the virtual waiting room.
This option, located under “advanced options” when you set up a meeting, requires attendees to enter a virtual waiting room. The meeting host can then see who is ready to join the meeting and can either let them in, remove them from the waiting room (which keeps them out of the meeting), or send them a message. This option also allows the meeting host to move a participant into the waiting room if they begin acting inappropriately — sort of like the time-out corner with misbehaving kids.

3. Don’t post links to virtual meetings online or on social media.
Details like meeting ID numbers and passwords should only be shared via direct email or automated calendar invitations to participants. Anyone with the meeting ID number can attempt to join the meeting, so make sure it only goes to those who are supposed to be participating.

Financial advisors, broker-dealers, custodians and other firms are trying to do their part amid a public health and economic crisis.

May 1

4. If you are hosting, take control of participant interaction.
The icon appears in the toolbar at the bottom of the Zoom screen, shaped like a badge. It allows the meeting host to control which participants can share their screen and also allows the host to lock the meeting so that no one else can join, even if they have the meeting ID and password.

5. Don’t allow virtual meetings to be recorded without your permission.
Recorded meetings can be re-posted to public websites like YouTube. Most of the time, you shouldn’t permit the host or anyone else to record the meeting. If there is a compelling reason it should be recorded, you should have full knowledge and give specific consent.

Online technology has helped us feel less isolated during the coronavirus lockdown. But all of us still need to remember the importance of protecting our data and personal information from bad actors who will take advantage of any vulnerability they can exploit. I want my clients to stay well-informed and to feel safe at all times. If you have questions about online safety, especially regarding your financial affairs, please get in touch.

For reprint and licensing requests for this article, click here.
Client communications Hacking Apps Mobile technology Coronavirus
MORE FROM FINANCIAL PLANNING