Zooming ahead
Video conferencing app Zoom is looking to address security concerns as UAE users top one million, writes David Ndichu
You know a brand has reached peak awareness when it becomes a verb. So, in the Covid-19 era, we don’t video conference, we ‘Zoom’. While it takes brands years, and sometimes decades, to cultivate sticky brand recognition, it took Zoom just a few short months as it emerged as the de facto communication tool following the outbreak of Covid-19.
In the UAE, Zoom gained at least 100,000 free and paid users within the first week of the lifting of the ban on VoIP. This number reached one million users within a month of the ban being lifted, a staggering 900 per cent growth. By the end of April 2020, the free user sign-up growth in the UAE increased 105 times from January.
To put this growth in context, as of the end of December 2019, the maximum number of daily meeting participants – both free and paid – that Zoom hosted stood at approximately 10 million. In March this year, the app reached more than 200 million daily meeting participants, rising to more than 300 million in April. The video conferencing app’s main selling point is its free 40-minute conference calls with up to 100 attendees. It’s also easy to use – people don’t need a login to access a meeting.
“We are confident that our architecture is built to handle these growing levels of activity,” says Sam Tayan, managing director for Middle East and Africa at Zoom.
EDUCATION
“WE HAVE MADE SIGNIFICANT PROGRESS DEFINING THE FRAMEWORK AND APPROACH FOR A TRANSPARENCY REPORT”
Education continuity was one of the main concerns for authorities when Covid-19 struck. Platforms such as Zoom were key in allowing schools to transition to e-learning. Tayan says over 100,000 schools across 25 countries are using the platform for online learning. On March 16, Zoom lifted the 40-minute meeting limit on free basic accounts for K-12 schools in the UAE.
Some regional universities even hosted their graduation ceremonies over Zoom, Tayan says. “We have observed that education sector players in the region are very positive about the ease of using Zoom and the speed with which they can shift towards e-learning without delays and excessive training requirements,” he adds.
SECURITY
Unfortunately, the popularity of such a platform also tends to attract the attention of a more nefarious nature. Indeed, a new verb related to the platform entered the lexicon – Zoombombing – where hackers and internet trolls hijack a teleconferencing session to share lewd or obscene content.
In response, Zoom in April announced a 90-day freeze on releasing new features to focus on fixing privacy and security issues.
Among security features incorporated into the latest update of the platform, Zoom 5.0, was AES 256 GCM encryption, a ‘Security’ icon and the ‘Report a User’ feature. The company also changed default settings for meetings (turning on passwords and waiting rooms by default), tighter Zoom Chat controls, and more. Zoom also acquired Keybase, which helped it to start building end-to-end encryption for all users (free and paid), and began offering customised data routing by geography.
“On conclusion of the 90- day security plan, we made significant progress defining the framework and approach for a transparency report that details information related to requests Zoom receives for data, records, or content,” says Tayan.
“In the meantime, we have recently released a Government Requests guide and we also updated our privacy policies, mostly to make them easier to understand,” he adds.
Security details will be released in the fiscal Q2 data in its first report later this year, Tayan says.
Zoom has also developed a central bug repository that takes vulnerability reports from bug bounty platforms such as HackerOne, Bugcrowd, and security@zoom.us.
“We established an ongoing review process with daily meetings and improved our coordination with security researchers and third-party assessors. We also hired a head of Vulnerability and Bug Bounty, several additional AppSec engineers, and are in the process of hiring more security engineers, all dedicated to addressing vulnerabilities,” Tayan explains.
Besides, Zoom launched a CISO council composed of 36 CISOs from a variety of industries, including cybersecurity firm SentinelOne, Arizona State University, HSBC, and Sanofi. This council has met four times over the past three months and advised on important matters such as regional data centre selection, encryption, meeting authentication, and key security features, says Tayan.
“Since April 1, we have hosted a total of 13 webinars every Wednesday to provide privacy and security updates to our community. The webinars feature a number of its executives and consultants who take live questions from attendees,” Tayan explains.
HARDWARE
Zoom earlier this year announced it is entering the hardware space, in conjunction with DTEN ME. It launched ‘Zoom for Home’, a new category of integrated software and hardware devices.
Zoom for Home works right out of the box and anyone with a Zoom licence can connect seamlessly, Tayan says.
The features for the all-in- one 27-inch device include three built-in wide-angle HD cameras, an 8-microphone array, a touch display for screen sharing, whiteboarding, annotating, and ideation. Zoom for Home is also compatible with all Zoom Rooms Appliances, including other hardware solutions from Neat and Poly, Tayan explains.