Security News > 2020 > July > Zoom: We've delivered on all of our security and privacy promises, apart from one

Zoom: We've delivered on all of our security and privacy promises, apart from one
2020-07-02 11:33

As more remote workers turned to Zoom for business meetings, virtual get-togethers and other forms of socially distanced communication, it soon became apparent that security -thanks to headaches such as a wave of ' Zoom-bombing ' - was an area that needed more work.

As a result, Zoom CEO Eric Yuan launched a 90-day programme that pledged to address key privacy and security concerns.

This includes its 90-day feature freeze on all new features not relating to privacy and security, during which time Yuan said the company pushed 100 new security features to the platform and introduced Zoom 5.0, which introduced AES 256 GCM encryption, new reporting capabilities and passwords and waiting rooms for meetings as default.

As well as the feature freeze, pledges included launching a CISO council to maintain oversight on security and privacy issues; enhancing Zoom's bug bounty programme; conducting penetration tests and conducting a review of its service with third-party experts and users.

The latter commitment is where Zoom has come up short: Yuan claimed that the company had made "Significant progress defining the framework and approach for a transparency report that details information related to requests Zoom receives for data, records, or content," but revealed that the report will now be published later in 2020 and will include fiscal Q2 data.


News URL

https://www.techrepublic.com/article/zoom-weve-delivered-on-all-of-our-security-and-privacy-promises-apart-from-one/#ftag=RSS56d97e7