Zoom CEO announces to update on progress of cyber security and privacy of its product
By MYBRANDBOOK
Zoom CEO Eric Yuan has announced to deliver an update on progress as the company takes radical steps to enhance the security of its core product. Yuan pledged a number of enhancements to address security and privacy within Zoom, to be delivered over a 90-day programme.
Its first commitment was the enactment of a feature freeze and a shifting of all Zoom’s engineering and development resources to focus on security and privacy. In the past three months, it has released more than 100 new features, including version 5.0 of Zoom, featuring AES 256 GCM encryption, user interface updates, default passwords and pre-entry waiting rooms, as well as new features to help hosts keep their meetings secure, and keep malicious users at bay.
It has also moved to address its previous flip-flopping on end-to-end encryption, partly through its acquisition of Keybase, and put in place new mechanisms to ensure security and privacy by design in all future development.
Its second commitment, a comprehensive review to ensure security and privacy, has seen the appointment of a group of CISO advisers, third-party experts, power users, and other organisations in the privacy, safety, inclusion and social justice space.
Its third commitment, to prepare transparency report detailing information on requests for data, records or content, has seen significant progress, said Yuan, including the recent creation of a guide on how Zoom responds to government data access requests, and new policies, including those relating to new privacy legislation in California.
Its fourth commitment, to enhance its bug bounty programme, has seen the development of a central bug repository, with input from the likes of HackerOne and Bugcrowd, a review process, and improved communication with security researchers and third-party assessors. Yuan has also hired a head of vulnerability and bug bounty and a number of application security engineers.
Its fifth commitment, the creation of its CISO council, has proved successful, with a number of meetings and discussions having already taken place, incorporating input from more than 30 major organisations, including HSBC and Sanofi. This panel has advised on, among other things, regional datacentre selection, encryption, meeting authentication, and other new features. Going forward, it will run a series of CISO roundtables to keep this dialogue fresh.
Its sixth commitment, to conduct a series of penetration tests, has been achieved with the help of the likes of Trail of Bits, NCC and Bishop Fox, which repeatedly probed and reviewed multiple systems, including Zoom’s production environment, public and colocated datacentres, its core web app and corporate network, and its public API (application programming interface) for mobile and desktop clients.
Its final commitment, to host a weekly Wednesday webinar, has seen 13 meetings take place led by Zoom executives and consultants taking live questions from attendees. These webinars will continue, although they will now shift to monthly, with the next to take place on 15 July.
Nazara and ONDC set to transform in-game monetization with ‘
Nazara Technologies has teamed up with the Open Network for Digital Comme...
Jio Platforms and NICSI to offer cloud services to government
In a collaborative initiative, the National Informatics Centre Services In...
BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium
A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...
Pinterest tracks users without consent, alleges complaint
A recent complaint alleges that Pinterest, the popular image-sharing platf...
PRAMA HIKVISION INDIA PRIVATE LIMITED
MATRIX COMSEC PVT. LTD.
RELIANCE JIO INFOCOMM LTD.
CENTRE FOR DEVELOPMENT OF TELEMATICS (C-DOT)
ICONS OF INDIA : SUNIL BHARTI MITTAL
Sunil Bharti Mittal is the Founder and Chairman of Bharti Enterprises,...
Icons Of India : NANDAN NILEKANI
Nandan Nilekani is the Co-Founder and Chairman of Infosys Technologies...
Icons Of India : B.V.R. Subrahmanyam
A 1987 batch (Chhattisgarh cadre) Indian Administrative Service Office...
ECIL - Electronics Corporation of India Limited
ECIL is distinguished by its diverse technological capabilities and it...
NIC - National Informatics Centre
NIC serves as the primary IT solutions provider for the government of ...
C-DAC - Centre for Development of Advanced Computing
C-DAC is uniquely positioned in the field of advanced computing...
Indian Tech Talent Excelling The Tech World - Anirudh Devgan , President, Cadence Design
Anirudh Devgan, the Global President and CEO of Cadence Design Systems...
Indian Tech Talent Excelling The Tech World - NEAL MOHAN, CEO - Youtube
Neal Mohan, the CEO of YouTube, has a bold vision for the platform’s...
Indian Tech Talent Excelling The Tech World - Satya Nadella, Chairman & CEO- Microsoft
Satya Nadella, the Chairman and CEO of Microsoft, recently emphasized ...