Our Blog



Using Zoom? You've bought some time, use it wisely

As this blog is about using time wisely, I think I can safely skip the now-obligatory introductory paragraph about unprecedented situations. If you’re a business that cares about security or has regulatory privacy obligations (are we all still here?), this message is for you: using Zoom has bought you some time, but do not stop there.

Using Zoom? You've bought some time, use it wisely

You need to move quickly toward something that will support your security and privacy requirements and provide the essential foundation for collaboration and productivity.

Although it’s true that Empired is a Microsoft partner so we are naturally going to encourage customers to use Microsoft technology, we are also experts in enterprise collaboration and security.  In this blog, I’ll explain why Empired believes that although Zoom might be your starting point, Microsoft should be your destination.

Zoom’s accessibility and ease of use has made it the tool of choice for many businesses needing quick and simple voice and video collaboration. Today, Zoom is experiencing huge growth, and intense scrutiny. The demand for a quick and simple solution to enable remote working has exposed serious weaknesses in Zoom’s approach to security and privacy. Although these issues are being addressed quickly, essentially, Zoom’s customers are being the test dummies for a platform which isn’t designed for enterprise collaboration. Let’s review a few of the fundamental issues:


Zoom doesn’t use your business directory (for example, Microsoft Active Directory). It’s all run on email addresses. This brings up an essential point: an email address is no guarantee of identity. I could easily send an email that looks like it came from your address inviting your people to join my meeting. From there, I could trick them into clicking a phishing or malware link to exploit their computers and your network. By using Microsoft Azure Active Directory my identity is verified by the service provider..


 Zoom’s approach to security has been relaxed. Zoom multi-factor authentication doesn’t apply to its own desktop client, or the mobile app. Zoom doesn’t provide “end to end” security, so the Zoom service itself can access the unencrypted video and audio content of Zoom meetings. And if you have data sovereignty requirements, you should understand that your data could easily end up outside of Australia (and New Zealand) as this comprehensive article from The Citizen Lab demonstrates. Finally, Zoom is using the 128 bit encryption standard rather than the 256 bit version in a way that allows images and video to be partly re-constructed.


Zoom isn’t transparent on how it deals with government requests for its data, in contrast to how organisations such as Microsoft, Google and even Facebook manage this. In fact, Zoom is currently facing a lawsuit over its collection of user information, which alleges that “Upon installing or upon each opening of the Zoom App, Zoom collects the personal information of its users and discloses, without adequate notice or authorization, this personal information to third parties, including Facebook, Inc. (“Facebook”), invading the privacy of millions of users”.

But, let’s get real. Many businesses are just trying to survive today. Subtleties around encryption standards are likely not top of the agenda, and doesn’t everyone give their info to Facebook anyway?

Maybe. But our position is that you should be planning right now to move your business onto a platform that provides better-than-Zoom capabilities for collaboration and productivity and was designed from the ground up to meet stringent security and privacy requirements. Because there are some positive outcomes from having to learn on-the-job remote working; we’ve now achieved a shift in working style which would otherwise have taken a decade, perhaps more, to achieve.

When we return to “Business-as-usual”, we believe the demand for office space will be reduced, flexible working will be pervasive, and – perhaps most importantly – people will have learned to collaborate in a very different way.

But Zoom won’t deliver those benefits. Zoom offers “quick and dirty” video calling. It’s a consumer-grade service that has unexpectedly found temporary fame on “Cloud’s Got Talent” and is now being exposed under the harsh spotlight of security and privacy concerns. It has helped to fill a gap but the future demands a platform which is proven to be trustworthy and provides all the other tools and capabilities we need to collaborate and manage information.

Despite the uncertainty of this time, an opportunity is now presenting itself, to achieve the transformation many businesses have been talking about for years. Using Zoom has bought you some time, but it’s not a viable long-term solution for the enterprise. Use the time and the remote working momentum to move to the Microsoft cloud.

Microsoft’s competitor to Zoom is the consumer version of Skype, which offers no sign-up, no download, free video conferencing. With the recent announcement that Microsoft plans to allow Skype and Teams users to message and make internet calls together, and because Skype shares some of the same technology as Microsoft Teams, this could also be a sensible option for organisations needing a quick alternative to Zoom while preparing for Office 365.

Get in touch now to find out how we can help you replace Zoom with Microsoft technology and provide the foundation for a secure, enterprise-strength collaboration platform.  


This blog is part of the #ReimagineWork series. For more experts' insights, clients' experiences and to download our datasheets, click the banner.

For more experts' insights, clients' experience and to download our datasheets, click the banner #datareimagine

Posted by: Doug Baxter, Solution Specialist | 08 April 2020

Tags: Office 365, Security, Collaboration, Microsoft Teams, Contingency Plan, Continuity Plan, COVID-19, Emergency Response, Remote work, #ReimagineWork

Top Rated Posts

Blog archive

Stay up to date with all insights from the Empired blog