Zoom is responding to the list of security concerns raised recently and has promised to dedicate its resources to identify, address, and fix ongoing issues over the next 90 days proactively by freezing feature updates, CEO Eric S Yuan announced through a blog post. The video conferencing app has gained huge popularity thanks to the coronavirus outbreak that has pushed people to work from home. However, the popularity has come alongside various security issues that exist not just for any particular group of people but for the masses using the Zoom app on their Windows or Mac computers and even the ones using accessing the solution on their mobile devices.
Yuan in his blog post has highlighted that Zoom has grown from 10 million daily users in December to more than 200 million daily users in March. The app was also used by over 90,000 schools across 20 countries worldwide due to the coronavirus pandemic. All this shows the speedy growth of the video conferencing app. But that growth has also brought some security issues into the limelight.
Initially, Zoom was designed for enterprise customers that have full IT support and have done “exhaustive security reviews”, Yuan noted in the post. That trend, however, has changed in the recent past — specifically due to the outbreak that has hit almost all major countries of the globe.
“We now have a much broader set of users who are utilising our product in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived,” wrote Yuan.
The change and what more significant is the growth in users have highlighted various loopholes that exist in the app may be since its inception. Zoom did try to limit the outrage from users by speedily fixing issues such as the one where it was spotted sharing data with Facebook even when users weren’t signing in using their social media profiles. It also updated its privacy policy and just earlier this week acknowledged and apologised for the misleading end-to-end encryption claim.
How to Keep Zoom Calls Safe From Zoombombers
Having said that, security agencies in countries such as the US and India aren’t convinced by the recent efforts made by Zoom. The company is, therefore, moving its focus from developing new features to enhancing its security for the next 90 days.
“We are also committed to being transparent throughout this process,” the CEO stated in the blog post.
Zoom is set to prepare a transparency report detailing requests for user data, records, and content and launching a CISO council in partnership with various CISOs to discuss “security and privacy best practices”. Some of the new measures in the pipeline also include the company’s engagement in white box penetration tests and enhancing its current bug bounty programme. It is also in plans to kick off a weekly webinar on Wednesdays to provide privacy and security updates.
Zoom App Could Let Attackers Access Windows Passwords, Take Over Your Mac: Reports
“I am committed to being open and honest with you about areas where we are strengthening our platform and areas where users can take steps of their own to best use and protect themselves on the platform,” Yuan asserted.
Fixing the existing security issues and starting to focus more towards uplifting privacy of its users is indeed the need of the hour of Zoom — considering its growing numbers across the world. Nonetheless, the new changes planned by the company would also make the competition tougher for Google’s Hangouts Meet and Microsoft’s Skype that are aimed to serve a similar set of consumers that are currently participating in Zoom meetings.