The Office of the Attorney General of the State of New York has reached a settlement with Zoom Video Communications. The agreement promises enhanced data security and user controls.
New York State Attorney General Letitia James made the announcement on May 7, 2020, following a state-led investigation into the video conferencing service launched in March 2020. The inquiry focused on the security concerns around the sudden widespread use of Zoom’s service during the COVID-19 pandemic lockdown.
The enhanced data security measures include encryption of data at rest, protection from hacker attempts at account access, and the implementation of a vulnerability management program and regular penetration testing. The enhanced privacy controls will be applied to all account tiers, including free accounts and accounts used in K-12 education.
User privacy has also been addressed by the agreement. This results in a severance of Zoom’s user-data sharing practice with Facebook and LinkedIn, particularly in cases where the user has explicitly selected the “anonymity” option. Zoom has agreed to provide the New York State Attorney General’s Office a copy of its annual security assessment report.
Full details of the agreement can be viewed on the New York State Attorney General’s website.
On a related note, federal US officials recognize the benefit to US citizens of web conferencing during the pandemic. This had led to the Office for Civil Rights division of the US Department of Health and Human Services announcing in March 2020 the temporary suspension of penalties for HIPAA noncompliance when using video conferencing services for telehealth.
The New York State Attorney General’s Office’s settlement with Zoom brings great benefit to all users of the service. Zoom will need to build the security mechanisms to comply with the settlement, and much of these enhancements address security concerns that have been raised about the service. Therefore, Zoom can incorporate the security enhancements in a comprehensive way while ensuring that it remains compliant with the terms of the agreement.
Of note in the settlement letter is Zoom’s requirement to encrypt data at rest in addition to data in transit. While this addresses the issue of user data stored in Zoom’s data centers, it does not explicitly mention end-to-end encryption per se; there is still an implied intermediary step between the encryption-in-transit and the encryption-at-rest states that is not explicit addressed in the agreement. Zoom customers are advised to wait and see how Zoom implements the security measures before concluding that Zoom is as secure as its rivals.
Info-Tech Research Group continues to stay on top of these developments. Watch this space for more updates.
Verizon has acquired BlueJeans for between $400–500 million. The move will see BlueJeans integrated into Verizon’s 5G plans, utilizing BlueJeans advanced and encrypted video-conferencing solutions for telehealth, e-learning, and field service work.
With an update that makes it easier for new and existing users to jump into a meeting, Cisco’s Webex is looking to address one of the few areas where it’s not rated at the very top of the pack.
If you’ve been working remotely during the pandemic, chances are you’re doing a lot of videoconferences with a poor-quality laptop webcam. If you own a Canon camera and use Windows 10, a new free utility can help you upgrade that A/V setup.
Zoom is living up to its namesake in its responsiveness in addressing security and privacy issues that users have identified. While the upcoming 5.0 update addresses many initial concerns, the product still does not offer end-to-end encryption.
The impact of COVID-19, as it became a global pandemic in Q1 of 2020, has affected user sentiment toward software during a growing period of fear, uncertainty, and doubt. To analyze the impact, SoftwareReviews compared Satisfaction (willingness to recommend to a peer), ability to deliver Business Value (fair cost to value), and Likeliness to Renew prior to March 10 and post March 10.
Security research firm Cyble has reported a discovery of over 500,000 Zoom accounts, including login and password information, being sold on the dark web and in hacker forums.
While the US stock market declines as rapid selloffs follow COVID-19’s global outbreak, Zoom Video shares have increased. This is because more people are choosing to work remotely to avoid contracting the disease, positioning videoconferencing as an essential part of business continuity plans against biohazards.
Zoom has offered a range of new services to help those affected by the COVID-19 outbreak.
As the world responds to the spread of the novel coronavirus COVID-19, closed schools in some affected areas are turning to eLearning and web conferencing to maintain continuity in course delivery and/or studying.