Zoom agrees security, privacy improvements after New York AG investigates

News General United States 8 MEI 2020
Zoom agrees security, privacy improvements after New York AG investigates

New York Attorney General Letitia James announced an agreement with Zoom Video Communications for the videoconferencing provider to adopt new security measures. James wrote to the company in March to express concerns about a lack of protection for the growing number of Zoom users and said she would investigate the company's security and privacy practices. Many of the agreed new measures are part of Zoom's earlier announced 90-day security plan, some of which has already been implemented. 

Zoom has agreed to implement and maintain a comprehensive data security program to protect all users, to be designed and run by the company’s Head of Security. Zoom will also conduct risk assessment and software code reviews to ensure that the company’s software does not have vulnerabilities that would allow hackers to exploit user information. The company has agreed to take steps to protect consumers from attacks where hackers attempt to access accounts using old credentials. Additionally, Zoom has agreed to enhance its encryption protocols by encrypting users’ information, both in transit and as stored online on their cloud servers. Finally, Zoom will operate a software vulnerability management program and will perform the most thorough form of penetration testing each year.

Zoom also agreed to enhanced privacy controls for free accounts, as well as kindergarten through 12th grade education accounts. Hosts — even those with free accounts — will, by default, be able to control access to their video conferences by requiring a password or the placement of users in a digital waiting room before a meeting can be accessed. Hosts will also be able to control access to private messages in a Zoom chat, control access to email domains in a Zoom directory, control which — if any — participants can share screens, limit participants of a meeting to specific email domains, and place other limits on participants with accounts, to the extent applicable.

Additionally, Zoom has taken steps to stop sharing user data with Facebook and has disabled its LinkedIn Navigator feature, which shared profiles with users even where the user wanted to stay anonymous. Finally, Zoom has agreed to provide a copy of its annual data security assessment report to the Office of the Attorney General for the term of the agreement.  

Zoom has further agreed to continue to maintain reasonable procedures to enable users to report violations of Zoom’s Acceptable Use Policy, including allowing meeting hosts to report a user for engaging in abusive conduct. Zoom will also update its Acceptable Use Policy to include abusive conduct based on race, religion, ethnicity, national origin, gender, or sexual orientation. Finally, Zoom has agreed to investigate reported misconduct in a timely fashion and to take appropriate corrective action based on its investigations, including banning users who violate the policy.

Categories:

General

Companies:

Zoom Video Communications

Countries:

United States

Tags:

Security, Regulations, Videoconferencing

Related Articles

NETHERLANDS 17 MRT 2022

Zoom resolves Dutch public sector security concerns

All high risks associated with the use of Zoom Video Communications services in the public sector have been solved, according to a study on behalf of Dutch universities and government by the consultant Privacy Company. The study found that there were still some low risks, but that universities and government organisations could mitigate these themselves. 

UNITED STATES 2 AUG 2021

Zoom to pay USD 85 mln to settle class-action suit over 'zoombombing'

Zoom Video Communications agreed to pay USD 85 million and improve its security practices to settle a lawsuit claiming it violated users' privacy rights by sharing personal data with Facebook, Google and LinkedIn, and letting hackers disrupt Zoom meetings via 'zoombombing'. The preliminary settlement still requires approval by US District Judge Lucy Koh in San Jose, California, Reuters reports.

GLOBAL 31 DEC 2020

Privacy regulators to continue talks with Microsoft, Cisco, Zoom, Google on videoconferencing safeguards

Data protection and privacy regulators from several countries are working together to help improve privacy controls on popular videoconferencing platforms. An open letter sent in July was answered by Microsoft, Cisco, Zoom and Google, and the companies acknowledged the concerns raised about privacy safeguards and highlighted the measures they have taken, according to a statement from UK regulator ICO. The ICO said the response was "encouraging" and the regulators plan continued engagement with the companies

UNITED STATES 10 NOV 2020

Zoom agrees security improvements after FTC investigation

Zoom Video Communications has agreed to tighten the security of its videoconferencing services after the FTC found the company had misled users about the extent of its protection of personal data. The company agreed to conduct an annual security assessment, implement a vulnerability management program and deploy safeguards such as multi-factor authentication, data deletion controls and blocking compromised user credentials.

GLOBAL 26 OKT 2020

Zoom starts testing end-to-end encryption for all users, paid or free

Zoom Video Communications said it has added end-to-end encryption (E2EE) for all users worldwide, free and paid, for meetings of up to 200 participants. The feature is available immediately as a technical preview, and the company said it will welcome user feedback over the next 30 days. 

GLOBAL 15 JUL 2020

Zoom launches home hardware to target remote workers

Zoom Video Communications is expanding further in the hardware market with a new 'Zoom for Home' offering to serve the growing number of remote workers. The dedicated videoconferencing system was developed for home use with DTEN and works with all Zoom Meeting licences. 

GLOBAL 18 JUN 2020

Zoom extends encryption to free users

Zoom Video Communications announced it will offer free encryption to all its customers, not just paid subscribers. The decision is part of its 90-day review to improve security on the videoconferencing platform. 

GLOBAL 3 JUN 2020

Zoom profits jump in Q1 after strong customer growth from home working

Zoom Video Communications saw its revenue nearly triple in its fiscal first quarter to April, to USD 328 million from USD 122 million a year earlier, as more people adopted the videoconferencing platform while at home during the Covid-19 pandemic. The company's operating profit jumped to USD 23.4 million from USD 1.6 million a year ago, and adjusted net profit earnings rose to 20 cents a share from USD 0.03, double the company's forecast. 

CHINA 19 MEI 2020

Zoom suspends individual sign-ups from China for its videoconferencing services

Zoom Video Communications is not letting individual users in China sign up anymore for its services, the Nikkei Asia Review reported. Individual users have since May only been able to join Zoom hosted meetings. Those who upgraded to pay accounts before 1 May can continue using the services but only enterprise customers in China can now sign up. The details were posted on a Chinese Zoom website managed by China reseller Donghan Telecom.

UNITED STATES 14 MEI 2020

Zoom to open R&D centres in Phoenix, Pittsburgh

Zoom Video Communications will open two new research and development centres, one in the greater Phoenix, Arizona area and another in Pittsburgh, Pennsylvania. Zoom will immediately start recruiting software engineering talent in these geographies. Employees will work from home until the offices are built and Covid-19-related isolation has abated, expected for fall 2020.

GLOBAL 7 MEI 2020

Zoom buys Keybase to accelerate encryption efforts

Zoom Video Communications announced the acquisition of Keybase, a secure messaging and file-sharing service, for an undisclosed sum. The takeover is expected to accelerate Zoom's plan to build end-to-end encryption into its videoconferencing platform. 

GLOBAL 6 MEI 2020

Zoom adds board member McMaster, names public policy head

Zoom appointed Lieutenant General Herbert Raymond 'H.R.' McMaster as an independent director to its board effective 6 May. The company said it also hired Jonathan Kallmer as its head of Global Public Policy and Government Relations, effective 26 May. 

GLOBAL 22 APR 2020

Zoom update adds encryption, increased security controls

Zoom Video Communications has announced an update of its virtual meeting software, adding encryption and new security controls. The company said the roll-out of the Zoom 5.0 update is an important milestone in the 90-day plan it started to improve security on the platform. 

GLOBAL 14 APR 2020

Zoom enables paying users to customise data centre region

Zoom announced that paying customers will be able to choose from 18 April from which data centre they want their traffic over the videoconferencing platform routed. Users will be able to opt in or out of data centre regions. The company said the new feature was aimed at giving customers more control over their data and the service. Zoom Conference Room Connectors (CRCs) in disabled regions will not be allowed to connect to meetings or webinars. 

GLOBAL 8 APR 2020

Zoom hires former Facebook security chief to help with security review

Zoom Video Communications announced it has hired Alex Stamos as an outside advisor to help in its planned security review. He was previously Facebook's Chief Security Officer, until leaving the company in 2018 to become a researcher at Stanford university. Zoom also formed an advisory council with other security specialists.

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.