After privacy issues prompted the New York City Department of Education to transition away from Zoom as a telelearning option, the department has reversed that decision, noting that the teleconferencing company has created a safer platform for the city’s students.
“We’ve worked with Zoom to create a tailored platform that provides the safety and functionality schools need to engage in remote learning,” Schools Chancellor Richard A. Carranza said in a statement shortly before the company revealed it has acquired secure messaging and file-sharing service Keybase to achieve its goal of end-to-end encryption. “I’m happy that Zoom has addressed vulnerabilities over the last few weeks and effective immediately, our community can safely use the Department of Education licensed Zoom account for remote learning.”
Zoom founder and CEO Eric Yuan said in a statement sent to SC Media that the company was “proud the New York City Department of Education has made Zoom available as an approved home-based learning platform to educators and staff across the city for secure and frictionless remote education to the city’s over 1.1 million students.”
Yuan previously acknowledged Zoom’s growing pains after it “ballooned overnight,” with more than 200 million daily meetings (compared to 10 million per day by last December) and said it had “fallen short of the community’s – and our own – privacy and security expectations.” Yuan implemented a number of measures meant to bolster privacy.
The acquisition of Keybase moves Zoom closer to implementing promised end-to-end encryption that privacy advocates have said is critical to assuaging concerns.
For normal users, the addition of end-to-end encryption should be viewed as enhancing the overall security of their meetings,” said Tim Mackey, principal security strategist at Synopsys CyRC. “With recent examples of inappropriate accesses to meetings on the conferencing platforms, this end-to-end encryption helps ensure that any potential for a meeting to be intercepted or for someone to otherwise ‘hack’ into a meeting are minimized.”
Charl van der Walt, Head of Security Research at Orange Cyberdefense applauded the acquisition as proof of “Zoom’s robust and transparent response to recent security concerns,” explaining that “it builds on the latest 5.0 update, which includes upgraded encryption, a new, clearer security icon to access the safety settings, a tool to report users and new password controls.”
Implementing end-to-end encryption won’t come without hiccups. Mackey expects it will cause “some disruption to existing users who many currently access their meetings with devices that are incapable of supporting Zoom’s end-to-end encryption protocols.” He said Zoom likely will address shortcomings with “the devices within their vendor ecosystem, so the impact to most users should be minimal.”
While van der Walt called Zoom’s response to the negative publicity “impressive,” he said “the market will be closely monitoring how the platform performs in the coming months, particularly in the light of increased competition as vendors battle to take a share of the remote working world.” With Google and Microsoft fast-tracking development, Zoom will “stay on its toes,” he said, “and those established enterprise vendors already have the much stronger centralised management features we feel enterprise users demand.”
The company this week also announced that it had added Lieutenant General Herbert Raymond “H.R.” McMaster as an independent director on its board.