Zoom has zoomed to global stardom but a growing number of companies, which now includes Google, have barred their employees from using it due to security vulnerability concerns.
With the majority of Google’s IT-based workforce working remotely, the company released a statement reiterating its policy against using unapproved applications outside the corporate network. In fact, Zoom is a direct competitor to Google’s own Hangout Meet app.
Google said that Zoom was unable to pass the company’s own security standards in place for employees, especially with one prominent reported flaw of the software where users are susceptible to having their system login credentials stolen.
Another known vulnerability in Zoom allows attackers to have remote access with the video cameras and microphones of Mac computers.
To address this issue, Zoom has released in its blog post a response on how it will improve security and privacy for users. The videoconferencing app said it will be focusing on two key aspects – geo-fencing and meeting encryption.
Zoom failed to fully implement its geo-fencing practices when it haphazardly added server capacity in China. This allowed certain meetings to connect to systems at the origin of the outbreak, which was not supposed to be the case.
This event happened in February, where Zoom mistakenly added two Chinese datacenters in its white-list of backup bridges. The mistake led to potentially connecting non-Chinese users to the systems whenever non-Chinese servers are unavailable.
Zoom founder Eric Yuan has vowed to fortify the app’s security, saying geo-fencing and stronger encryption are just some of the measures they plan to implement.
“We know we have a long way to go to earn your back your full trust, but we are committed to throwing ourselves into bolstering our platform’s security with the same intensity that we committed to ensuring that everyone would be able to remain connected,” Yuan said.
The issue was first unearthed by Toronto’s Citizen Lab where it performed a quick look at the confidentiality of Zoom meetings. Other issues found include a long history of security concerns with Zoom’s screen-sharing features and data-sharing with Facebook.