Zoom CEO announces to update on progress of cyber security and privacy of its product
By MYBRANDBOOK
Zoom CEO Eric Yuan has announced to deliver an update on progress as the company takes radical steps to enhance the security of its core product. Yuan pledged a number of enhancements to address security and privacy within Zoom, to be delivered over a 90-day programme.
Its first commitment was the enactment of a feature freeze and a shifting of all Zoom’s engineering and development resources to focus on security and privacy. In the past three months, it has released more than 100 new features, including version 5.0 of Zoom, featuring AES 256 GCM encryption, user interface updates, default passwords and pre-entry waiting rooms, as well as new features to help hosts keep their meetings secure, and keep malicious users at bay.
It has also moved to address its previous flip-flopping on end-to-end encryption, partly through its acquisition of Keybase, and put in place new mechanisms to ensure security and privacy by design in all future development.
Its second commitment, a comprehensive review to ensure security and privacy, has seen the appointment of a group of CISO advisers, third-party experts, power users, and other organisations in the privacy, safety, inclusion and social justice space.
Its third commitment, to prepare transparency report detailing information on requests for data, records or content, has seen significant progress, said Yuan, including the recent creation of a guide on how Zoom responds to government data access requests, and new policies, including those relating to new privacy legislation in California.
Its fourth commitment, to enhance its bug bounty programme, has seen the development of a central bug repository, with input from the likes of HackerOne and Bugcrowd, a review process, and improved communication with security researchers and third-party assessors. Yuan has also hired a head of vulnerability and bug bounty and a number of application security engineers.
Its fifth commitment, the creation of its CISO council, has proved successful, with a number of meetings and discussions having already taken place, incorporating input from more than 30 major organisations, including HSBC and Sanofi. This panel has advised on, among other things, regional datacentre selection, encryption, meeting authentication, and other new features. Going forward, it will run a series of CISO roundtables to keep this dialogue fresh.
Its sixth commitment, to conduct a series of penetration tests, has been achieved with the help of the likes of Trail of Bits, NCC and Bishop Fox, which repeatedly probed and reviewed multiple systems, including Zoom’s production environment, public and colocated datacentres, its core web app and corporate network, and its public API (application programming interface) for mobile and desktop clients.
Its final commitment, to host a weekly Wednesday webinar, has seen 13 meetings take place led by Zoom executives and consultants taking live questions from attendees. These webinars will continue, although they will now shift to monthly, with the next to take place on 15 July.
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
Microsoft to build a new data centre to support Thailand's tec
Microsoft has revealed intentions to construct a regional data centre as w...
WIPRO LTD.
DRUVA SOFTWARE PVT. LTD.
BEETEL TELETECH LTD.
SAMSUNG INDIA ELECTRONICS PVT. LTD.
Technology Icons Of India 2023: Rajeev Chandrasekhar
Rajeev Chandrasekhar is the Union Minister of State for Electronics an...
Technology Icons Of India 2023: Anant Maheshwari
As President of Microsoft India, he is responsible for Microsoft’s o...
Technology Icons Of India 2023: Shailendra Katyal
Shailendra is instrumental in Lenovo achieving the no.1 position in PC...
Aadhaar: Architecting the World's Largest Biometric Identity System
The Unique Identification Authority of India (UIDAI) is a statutory au...
BSE provides highly secure, efficient and transparent market for trading
BSE (formerly known as Bombay Stock Exchange Ltd.) is Asia's first & t...
INDIANOIL helps reach precious petroleum fuels to every nook and corner of the country
IndianOil, a diversified, integrated energy major with presence in alm...
NETPOLEON SOLUTIONS
Netpoleon Group is a Value-Added Distributor (VAD) of Network Security...
ADITYA INFOTECH LTD.
Aditya Infotech Ltd. (AIL) – the technology arm of Aditya Group, is ...
SUPERTRON ELECTRONICS PVT. LTD.
Supertron deals in servers, laptops, components, accessories and is a...