The gift of hard lessons learned by Zoom’s security and privacy issues

It's been a crazy few months to say the least, and in times of such turmoil and disruption, it's often helpful to take a step back and look at the lessons that can be learned when things are changing so rapidly.

One such lesson is the meteoric rise of video conferencing vendor Zoom and its subsequent public lambasting due to security and privacy issues. I won't rehash those issues here, since plenty of other sources have done a fine job enumerating their missteps. Rather, let me summarize what they got right and wrong, and the lessons to be drawn from their rollercoaster ride of fame and misfortune.

What Zoom got right: Solving customer problems

What Zoom got right is really uncovering the customer problem, and relentlessly focusing on solving that problem. In a world chock full of video conferencing tools, they realized they needed to solve two important customer problems: 1) the difficulty of using those tools, and 2) making meetings fun and useful. Zoom gained such momentum because they had a laser focus on solving these two issues and truly set themselves apart from the market. That very strength became its Achilles' heel when the new world of COVID-19 arrived at everyone's doorstep in the form of working remotely and attending virtual Seders, birthday parties, and even funerals.

However, Zoom's relentless focus on ease of use and fun led them to make poor choices around circumventing security and privacy in the name of user experience and simplicity. The result of those choices became an erosion in consumer trust. Zoom has now been banned from use by countless organizations. While its usage has skyrocketed, the brands and organizations that really matter – potentially its best, most profitable segment – will likely never use them again. This is what comes from not putting privacy, trust, and security at the heart of your experience design considerations.

Privacy and security can't be afterthoughts

One could argue that Zoom still has grown 10x from their starting point several months ago, but is that the right growth for them? Will that be the right market – one that brings profitable, long term customers? Time will tell, but brands take a long time to recover from reputational hits like this one. There is also the lingering dam of lawsuits that will inevitably flow from unfortunate incidents like zoombombing. The lesson in this for all brands and organizations is that privacy and security can't be afterthoughts in any customer experience design. Privacy, in particular, has become such a hot button for customers that they will go elsewhere rapidly if they feel their data is at risk. Zoom paid a high price to teach us this lesson, and it is my hope we can all benefit from it.