Zoom’s security updates are ‘just a first step’, says boss
Image credit: Dreamstime
With Zoom having completed its 90-day drive to boost the video conferencing platform’s security measures, CEO Eric Yuan said their efforts in this area “cannot and will not stop here”.
With the advent of global lockdown due to the coronavirus pandemic, Zoom saw a massive and unprecedented rise in users.
The additional attention on the platform brought to light security flaws and it has been blamed for inadvertently leaking users’ personal information to other users and allowing hackers to steal users’ Windows login credentials.
The company subsequently embarked on a 90-day program, starting on 1 April, to introduce security features designed to alleviate some of the concerns raised.
This included the addition of AES 256 GCM encryption for all users; security-based UI updates; changes to the meeting defaults, including password, waiting room and limited screen sharing, and other features allowing tighter controls for the host.
Zoom also acquired start-up firm Keybase in a bid to rapidly build end-to-end encryption for all users - both free and paid - after initially being criticised for saying this feature would only be available for paid customers.
“This period has brought about meaningful change at our company and made the safety, privacy and security of our platform central to all we do, as we strive to be worthy of the trust customers place in us,” Yuan said.
“I am proud of, and humbled by, the role Zoom has played in connecting the world in crisis and in all that our team has accomplished in the past 90 days to better secure our platform.
“But we cannot and will not stop here. Privacy and security are ongoing priorities for Zoom and this 90-day period – while fruitful – was just a first step.
“Throughout this report I have provided information on new processes and people that will help Zoom on our journey to becoming the most frictionless and secure video communications platform in the world.”
The privacy concerns surrounding the platform led to many businesses, schools and other organisations opting to ban its employees from using the Zoom app.
The most notable issue was the phenomenon of ‘Zoombombing’, where strangers were able to gain access to a video call and abuse other participants, often by displaying offensive images and video.
Sign up to the E&T News e-mail to get great stories like this delivered to your inbox every day.