How Zoom® Got It Wrong and What They are Doing About It

By Andy McNeill, CEO, American Meetings, Inc.

Well, Virtual Meetings are here. At AMI, we provide meeting support services around numerous platforms based on our clients’ needs including WebEx®, IMEET®, GoToMeeting & Adobe Connect®  just to name a few. In addition, almost overnight, Zoom® has become not only a useful tool but a cultural phenomenon. The meetings community already knew that Zoom was a powerful and useful collaboration tool. Now it seems that the rest of the world has been introduced to Zoom as a free user software. It went from 10 million daily users to 200 million seemingly overnight.  The scrutiny of such an offer was swift and glaring, and justifiably so. Zoom was offering its platform, not only to businesses but to individuals and the entire educational system. Over pancakes, my 9-year-old twins were asking me to download Zoom to their Chromebooks for their morning virtual class meetings.

With popularity, come study and inspection, and boy did it.

We all know now Zoom got it wrong…way wrong. However, let’s take a step back and look at the software objectively and with a little hindsight.  The software, when used with all of its tools, is quite secure. Implementing the waiting room and password functions alone will stop any “Zoombombing” and unauthorized access. As their CEO, Eric S. Yuan, communicated in a recent post:

Organizations ranging from the world’s largest financial services companies to leading telecommunications providers, government agencies, universities, healthcare organizations, and telemedicine practices…have done exhaustive security reviews of our user, network, and data center layers and confidently selected Zoom for complete deployment.”

AMI being one of them. With the correct management, the software is very secure. In fact, they state:

“Where all participants are using the Zoom app, no user content is available to Zoom’s servers or employees at any point during the transmission process. However, that is a big asterisk, and in today’s world of IT and data security, is not acceptable for a world class software.

So how did they come so off track so quickly?

First, Zoom had allowed for 3rd party plug-ins like Facebook and LinkedIn Sales Navigator to glean user data. With that said, as a public company, they have also stated, “that we do not sell our users’ data, we have never sold user data in the past, and have no intention of selling users’ data going forward.” Zoom has removed these integrations, but the damage to their brand is significant.  Second, they did not have specific K-12 policies in place and were offering this product to the world’s educational institutions. This is now in place, but the lapse in judgment was significant. Finally, there were numerous fixes and patches that needed to be addressed, that were unknown to them, but identified by the broader tech community. They have addressed our promise to address over the next 90 days.

Photo Credit: Zoom®

So, where do we go from here?  Well, that is up to each individual, company, and organization.  Zoom remains a powerful collaborative tool. Its ease of use and simplicity are the biggest benefits. It does have strong security settings, and when used correctly, it meets the needs and security standards of many global corporations. The key phrase there is “when used correctly”. This is also the user’s responsibility.

Zoom sits at a key turning point. If they address the issues, it will make them, a better, more secure, and more desirable communication tool. If they fail to address, they will lose the confidence of the tech community, and the world with it.

For more information on what Zoom is doing, see these recent blogs from the corporation:

A Message To Our Users

The Facts Around Zoom and Encryption for Meetings/Webinars

Updates from Zoom® as of 04/10/2020

Zoom Product Updates: New Security Toolbar Icon for Hosts, Meeting ID No Longer Displayed.

By: Deepthi Javarajan

Visible only to hosts and co-hosts of Zoom Meetings, the Security icon provides easy access to several existing Zoom security features so you can more easily protect your meetings. Last night we implemented an important update to help make your meetings more private and secure. The most visible change that meeting hosts will see is an option in the Zoom meeting controls called Security. This new icon simplifies how hosts can quickly find and enable many of Zoom’s in-meeting security features.

By clicking the Security icon, hosts and co-hosts have an all-in-one place to quickly:

The Security icon is available in our latest release (version 4.6.10) to all Zoom hosts and co-hosts in all free and paid account types on desktop (Mac & Windows), mobile (iOS & Android), iPad, and in the web client.

Read more about the Security icon update on our support page.

Meeting ID no longer displayed

Additionally, the Zoom Meeting ID will no longer be displayed on the title toolbar. The title will simply be “Zoom” for all meetings, preventing others from seeing active meeting IDs when, for instance, Zoom screenshots are posted publicly.

Additional security updates

The Zoom team also updated several features for specific account types:

  • Waiting Rooms: The Waiting Room feature is now on by default for free Basic and single licensed Pro accounts, as well as education accounts enrolled in our K-12 program.
  • Passwords: Meeting passwords are on by default for free Basic and single licensed Pro accounts, and for education, accounts enrolled in our K-12 program. The default setting cannot be changed for those education accounts.
  • Domain contacts: For free Basic and single licensed Pro accounts with unmanaged domains, contacts in the same domain will no longer be visible. We’ve also removed the option to auto-populate your Contacts list with users from the same domain. If you would like to keep those contacts, you can add them as External Contacts.
  • Renaming participants: In addition to the above in-meeting renaming control, account admins and hosts can now disable the ability for participants to rename themselves (for every meeting) at the account, group, and user level in the web portal.

To update to the latest version of Zoom, visit our download page. To get more tips and tricks for securely using Zoom, check out Zoom’s YouTube page or the Zoom Blog.

Share Blog
Join Our Mailing List

You May Also Like…