San Francisco The many reports of security holes and warnings from politicians have spurred the growth of zoom not harmed. “Germany is our fastest growing market worldwide,” says Peer Stemmler, Germany boss of the US video conference provider, the Handelsblatt. It is here that the San Jose, California company also increases its investments and the number of employees the most.
Zoom is one of the few companies to benefit massively from the corona pandemic. In December, when the service was mainly used for business meetings, the app was used by ten million people every day. Because of the global curfews, coffee and math lessons, birthday parties and bar mitzvah celebrations are now taking place via video. In a time of social distancing, Zoom enables social life for millions of people.
There is even a word for the separation of partners via zoom: Zumping, a suitcase word from zoom and dumping.
In the corona crisis, the number of users rose to 200 million, with the company counting everyone who attended a meeting. Competitors like grow Google Hangouts, Microsoft’s Skype or Bluejeans, the acquisition of which the US mobile phone company Verizon just announced. But Zoom pulls everyone away.
However, the criticism grows with attention: numerous weak points as well as a questionable handling of user data have become public. Numerous companies have banned the software in the past few days and weeks, politicians have warned against it. Zoom knows about the problems – and promises improvement. “The basic values with which we designed our product were seamless and smooth so far. In the future, it will be seamless, smooth and secure, ”Chief Information Officer Harry Moseley told Handelsblatt.
Zoom access data in the Darknet
So far there has been a lack of security. Easy access to video meetings, which by default worked without a password, led to the so-called “zoom bombing” attacks on foreign meetings, which ranged from pranking to attacks by right-wing extremists at Jewish funerals.
Security researchers found that Zoom was having some conversations about a data center in China even though no attendees were there, and asked whether the Chinese government could force Zoom to give them access to chats. Recently, data sets with around 500,000 zoom accesses appeared in the Darknet, which hackers offered for sale there. It’s the best ever, it’s the worst ever for zoom.
Some companies and public institutions reacted with zoom bans for their employees: The space company Space X and Google prohibited the use, as did the German State Department, the US Senate, the school authority in the state of New York or the space agency Nasa. The U.S. Department of Defense clarified that only Zoom’s special government service that uses its own servers is allowed.
Nancy Pelosi, the Democratic majority leader in the US House of Representatives, called Zoom a “Chinese organization” – although Zoom boss Eric Yuan was born Chinese, he founded the company in 2011 in San Jose in the south of Silicon Valley, not an hour’s drive from Pelosi’s constituency San Francisco away.
Now the company wants to go on the offensive again. Entire teams of developers have been removed from working on new features to deal with security issues, says CIO Moseley. The problems should be resolved within 90 days and an external security check should be completed in order to regain customer trust.
CEO Eric Yuan shows unusual personal commitment to this: Every Wednesday morning the founder of the company, which has been listed since 2019, gives an “Ask Eric Anything” webinar with some of his board members. Yuan sits in front of the Golden Gate Bridge, one of the customizable backgrounds in the app, explains progress and answers user questions.
Facebook-Specialist as consultant
Alex Stamos has been supporting the company since Wednesday. From 2015 to 2018, he was Facebook’s board member responsible for security. He is said to have left the company in a dispute over how the online company should deal with the abuse of its platform by Russia before the 2016 US presidential election. Today he teaches in Stanford and is a cyber security capacity.
After the first reports of security vulnerabilities at Zoom, Stamos criticized “doubtful design decisions” on Twitter on April 1st. The company had to demonstrate greater transparency and have its progress professionally checked by hackers. “This is an opportunity to bring trust back.”
Yuan then called him and asked Stamos for advice. “Never before has a company had to expand its service so quickly, especially not for something as data-intensive as video transmission,” says Stamos in a webinar. The team he works with are currently doing the login records for Zoom traded on the Darknet.
Zoom hired two cybersecurity companies to infiltrate the fence group, Stamos said. They found that the data of the 500,000 accounts were already known from previous hacks. “Every company that has user logins has to deal with this problem,” says Stamos. On Facebook, they would have captured and checked records of this size every day.
Zoom has dealt with many criticisms in a short time. To prevent “zoom bombing”, every chat should now be password-protected and have a virtual waiting room from which new visitors must first be let in. The use of servers in China was a mistake that was due to the extreme increase in users.
The data center in China will be removed from the global network and a new one will only be set up for Chinese customers, says Germany boss Stemmler. In the future, paying users could also choose in which regions the data centers should be located, through which their video chats are brought together.
IT security has a price
Stemmler emphasizes, however, that many of the steps that are being taken now have their price. If the data could no longer take the shortest route to an available data center, the image quality would tend to decrease. Password protection and virtual waiting rooms are important for business meetings or sensitive private appointments, elsewhere they are annoying and overwhelming technical amateurs.
Zoom grew so gigantic, mainly because a click on a link was usually enough to get into a meeting. The more hurdles there are between users and their meetings, the more Zoom’s advantage over the competition shrinks. “It will be a big challenge, which we hope we can solve through innovation,” says Zoom CEO Moseley.
Compared to other tech companies, Zoom has reacted quickly to the criticism and seems to want to tackle it point by point. When Facebook boss Mark Zuckerberg was asked about the abuse of his platform by Russia after the 2016 election, he initially called the allegation a “pretty crazy idea”.
Yuan made a public apology in a blog post. He even thinks it is conceivable to disclose Zoom’s source code to give external security experts the opportunity to work on better solutions themselves.
In early July, the 90 days in which Zoom plans to improve the security of its service will have expired. Only then will it be possible to give an answer as to whether Zoom deserves a second chance.
More: This is how companies establish a good home office culture