Silicon Valley Tried to Help Zoom on Security
By Jim Lundy
Zoom is now in the security business in a big way, but its customers forced it to act. The provider has had serious issues, with many in the public concerned that a Zoom meeting sign in is not a secure way to conduct business. However, well before its current woes, Silicon Valley investors and partners of Zoom tried to help. This blog looks back at the help others tried to give to Zoom. It turns out Zoom knew about most of its issues.
Zoom Knew About Its Security Issues
Zoom did know about most of its security issues—but it waited to act. In fact, it disclosed some of its issues in its S-1 Pre-IPO filing with the SEC (see page 20 of the S-1). While this is common to disclose, it was clear to anyone in technology that Zoom had cut corners on security. In fact, the removal of Zoom online meeting code from all MacOS computers by Apple in the summer of 2019 is about as bad as it gets.
Dropbox Tried to Help Zoom
Many fail to realize that other major companies in Silicon Valley, such as Salesforce and Dropbox, were investors in Zoom. Dropbox even tried to do bug testing for Zoom and submitted its findings. Zoom eventually did fix those bugs, but it took a while. It is ironic that Dropbox was helping Zoom because even Dropbox faced similar issues with security years ago, a situation that led to overall increased security in the cloud content market.
Alex Stamos of Stanford Is Trying to Help Zoom
Zoom has hired Alex Stamos, formerly of Facebook, to help Zoom, but he has become a spokesperson for Zoom. To me, he isn’t really helping. He is defending Zoom by being an apologist. Alex was not truthful in his interview on CNBC last week when he said other firms, such as Cisco and Microsoft, have security issues too. That is not true, and he really should be forced to retract the statements that he made. The fact is that Cisco and Microsoft both have some of the best collaboration security on the market, and they back that up with written statements about their products. Badmouthing competitors is just not good business.
Now, Zoom Is Focused on Security
Zoom moves fast, and it now has a new client coming out that promises enhanced security. This was a good wake-up call for Zoom, but the reality is that it knew this was coming. Our hope is that buyers become more aware of security requirements for collaboration. This is something we talk to clients about, and we highlighted the need for collaboration security in our recent report on Web and Video Conferencing.
Zoom should not have waited until it was in the public spotlight to fix its security issues. A Zoom meeting, like any communications solution, must be able to make its users feel secure. Moving forward, market players should pay attention to how Zoom handled these issues and learn the valuable lesson of listening to security advice when it is given.