Rick Richardson's Views On Technology
  • Home
  • Blog

Zoom Improves Privacy and Security

4/19/2020

0 Comments

 
Picture
Given the level of concern many users have had with Zoom’s security and privacy, the company has been hard at work during the first two weeks of April to bring better control to its video conferencing software. The first changes transformed the safety profile of using its service, albeit with additional overhead for hosts and people joining meetings. On April 8, Zoom’s CEO, Eric Yuan, told NPR, “When it comes to a conflict between usability and privacy and security, privacy and security [are] more important–even at the cost of multiple clicks.”

Here is a synopsis of the recent changes.

Passwords required. All free-tier accounts, free upgraded education accounts, and single-host paid accounts now need a password. It’s generated automatically and may be changed but cannot be removed. This blocks access by those who obtain the meeting ID but not the password, and it prevents access through bots trying to join randomly generated meeting IDs in the reasonable hope of connecting to a password-free session.

Meeting ID hidden. The meeting ID no longer appears in the title bar of Zoom apps to prevent it from appearing in screen captures posted on social media or elsewhere.

Waiting Room enabled. By default, the Waiting Room feature is now enabled for all accounts, even those that previously had the option turned off. The Waiting Room puts participants who attempt to join the meeting into a holding position. The host must admit them. It’s fussy, and if it’s unnecessary in your environment, you can override the default on a per-meeting or per-host basis.

Meeting locks. With a click of the new Security button, hosts can lock a meeting at any point to prevent new participants from being added to the Waiting Room or joining directly. Another click unlocks the meeting.

Name change prevention. Hosts can prevent participants from changing the name that appears when they join or request to join a meeting. Some people—both unwanted visitors and students who thought it was funny—were changing their names to derogatory or abusive forms during meetings.

Domain contacts visibility. Zoom no longer treats every user with the same domain in their email address as belonging to the same organization. Previously, anyone with a given address could view account information or add everyone to their contacts who had the same domain, excluding some significant ISPs and mail hosts, like Gmail and iCloud. That feature is now disabled for free tier and paid single-host accounts, and must be enabled on higher-tier paid accounts.
​
Traffic routed through China. The paths that data travels is a political, regulatory, and business question, not just a technical one. Citizen Lab’s report revealed that Zoom was routing some traffic that didn’t involve any participants in China through servers in that country. Zoom explained that it was an error in load balancing, which seemed plausible given the quick scaling of operations it needed to have. The company said it made permanent changes to prevent data passing through Chinese servers from outside the country. A new feature for paid users starts April 18, and those users will be able to select which of several regions data may pass through. Free users are locked to data centers in the region from which they subscribed. Apart from concerns about China, some people outside the United States don’t trust the National Security Agency or other US intelligence groups.

0 Comments



Leave a Reply.

    Author

    Rick Richardson, CPA, CITP, CGMA

    Rick is the editor of the weekly newsletter, Technology This Week. You can subscribe to it by visiting the website.

    Rick is also the Managing Partner of Richardson Media & Technologies, LLC. Prior to forming his current company, he had a 28-year career in technology with Ernst & Young, the last twelve years of which he served as National Director of Technology.

    Mr. Richardson has been named to the "Technology 100"- the annual honors list of the 100 key achievers in technology in America. He has also been honored by the American Institute of CPAs with two Lifetime Achievement awards and a Special Career Recognition Award for his contributions to the profession in the field of technology.

    In 2012, Rick was inducted into the Accounting Hall of Fame by CPA Practice Advisor Magazine. He has also been named to the 100 most influential individuals in the accounting profession in America by Accounting Today magazine.

    In 2017, Rick was inducted as a Marquis Who’s Who Lifetime Achiever, a registry of professionals who have excelled in their fields for many years and achieved greatness in their industry.

    He is a sought after speaker around the world, providing his annual forecast of future technology trends to thousands of business executives, professionals, community leaders, educators and students.

    Picture
    Picture
    Picture
    Picture
    Picture

    Archives

    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015

    Categories

    All
    Artificial Intelligence
    Audit
    Back Up
    Back-Up
    Blockchain
    Climate
    Cloud
    Collaboration
    Communication
    Coronavirus
    COVID 19
    COVID-19
    Digital Assistant
    Display
    Drone
    Edge Computing
    Education
    Enterprise
    Hardware
    Home Automation
    Internet Of Things
    Law
    Medicine
    Metaverse
    Mobile
    Mobile Payments
    Open Source
    Personalization
    Power
    Privacy
    Quantum Computing
    Remote Work
    Retail
    Robotics
    Security
    Software
    Taxes
    Transportation
    Wearables
    Wi Fi
    Wi-Fi

    RSS Feed

    View my profile on LinkedIn
Powered by Create your own unique website with customizable templates.