The ongoing coronavirus pandemic has seen people relying on work collaboration apps like Teams and Slack to talk to others or conduct meetings. Zoom, in particular, has seen incredible growth over the past few weeks but it came at a cost. The company has been under a microscope after various researchers discovered a number of security flaws in the app. To Zoom’s credit, the company responded immediately and paused feature updates to focus on security issues.
Today, the company announced that it’s taking help from CISOs to improve the security and patch the flaws in the app. Zoom will be taking help from CISOs from HSBC, NTT Data, Procore, and Ellie Mae, among others. Moreover, the company is also setting up an Advisory Board that will include security leaders from VMware, Netflix, Uber, Electronic Arts, and others. Lastly, the company has also asked Alex Stamos, ex-CSO of Facebook to join as an outside advisor. Alex is a well-known personality in the cybersecurity world who left Facebook after an alleged conflict of interest with other executives about how to address the Russian government’s use of its platform to spread disinformation during the 2016 U.S. presidential election.
Last week, after I posted a series of tweets discussing the security challenges for Zoom and how they could respond, I got a phone call from Eric Yuan, Zoom’s founder and CEO. We talked about the significant challenges his company was facing, both in responding to an incredible growth in users but also living up to the security expectations of the moment.
He asked detailed and thoughtful questions of my experiences working at companies facing extreme crises, and I was impressed by his clear vision for Zoom as a trusted platform and his willingness to take aggressive action to get there. He asked if I would be interested in helping Zoom build up its security, privacy and safety capabilities as an outside consultant, and I readily agreed.
– Alex Stamos (on Medium)
Zoom has also announced a new update to the meeting interface. The company now hides the Meeting ID from the title bar which is a small but important change. This means that if you’re taking a screenshot of the meeting, the ID won’t be visible making it harder for bad actors to join the meeting.
Zoom has been one of the rare winners in the coronavirus pandemic but the company has been facing backlash for not protecting its users properly. Earlier this week, the Taiwan government banned the use of Zoom following the various security breaches and Zoombombing. Before that, SpaceX decided not to use the app for their internal meetings. Several schools have also banned the app citing privacy concerns. However, that hasn’t stopped the company from gaining millions of users amid the ongoing pandemic.