Due to cyber security concerns amid the COVID-19 pandemic, Standard Chartered is the first major global financial institution to tell workers to stop using Zoom Video Communications, based on a memo which Reuters had access to.
Last week, the message was sent by Chief Executive Officer Bill Winters to his managers and he also cautioned against using Alphabet’s Google Hangouts platform for virtual gatherings.
According to industry experts, the level of conversation encryption of Zoom and Google Hangouts are not as good as rival companies such as Blue Jeans Networks, Cisco System’s Webex or Microsoft Corp’s Teams.
When queried by Reuters regarding the memo, a Standard Chartered spokesman refused to comment. Staff can use a few authorised tools for audio and video conferencing as well as cyber security being a top priority, she explained.
Third parties exposed the security flaws of Zoom as they intruded into strangers’ video chats without wearing clothes, inserting vulgar pictures into presentations or hurling racial insults at participants.
The incident, dubbed the “Zoombombing” has agitated many users amidst families, friends, students and businessmen throng to the service so that they remain connected during pandemic-induced isolation.
Compared to the end of 2019 with 10 million users, Zoom had around 200 million users in March each day.
Regulations can penalise banks for exposing customer information, even if accidentally, and this has caused worries in banks regarding cybersecurity issues.
According to two employees not authorised to speak on the matter, Standard Chartered staff mainly use Blue Jeans.
The bank has followed in the footsteps of others such as governments in Taiwan and Germany, New York City’s public school system and Elon Musk’s SpaceX as they restrict the use of Zoom.
“Exhaustive security reviews” of Zoom’s technology had been done by many global customers such as financial firms, universities, government agencies and telecommunications companies even as they chose Zoom as a service, the company stated.
Last week, former Facebook Security Chief, Alex Stamos was nominated as an adviser on safety and privacy concerns by Zoom’s founder Eric Yuan. This is to suppress the global backlash towards Zoom’s perceived flaws.
It is tricky for banks to select a communications provider as they balance the preferences of clients, data-access needs and security concerns. Clients and employees may even jump ship to another service outside official channels if the rules are too strict.
During this period of COVID-19, industry workers have had a mixed experience with video chats.
Two employees from JPMorgan Chase & Co remarked that they habitually hold meetings on Zoom. Aside from Blue Jeans, Zoom is another videoconferencing tool allowed by the bank, among a few others.
According to a source, virtual “pub outings” on Zoom have also been held by Goldman Sachs Group employees. This allowed them to connect after work with some drinks in hand to chat.
In a video on 3 April, staff has been told by the bank’s chief technology officer that they are permitted to use Blue Jeans and Zoom.
A source also remarked that Morgan Stanley’s employees could use Zoom, as well as other options.
Furthermore, Zoom is only used at Barclays when a client requests it, a source stated. As for those at Citigroup and Wells Fargo & Co, they depend on other services as they are not familiar with Zoom.
In an interview, Thomas Gira, the Head of Market Regulation noted that Zoom is still used by the Financial Industry Regulatory Authority (Finra), a self-regulatory group for US brokers, after security experts settled some issues with the company.