CybersecurityNews

Zoom Receives Latest Certifications for Enhanced Platform Security

Jason Lee, Chief Information Security Officer at Zoom.

Zoom Video Communications today said it has recently received a variety of third-party certifications and attestations, unveiled product innovations, and established programs, a pointer to the initiatives undertaken at Zoom to help protect the security and privacy of its users.

“Safety, security, and privacy are at the core of how we make decisions at Zoom and enhance our platform,” said Jason Lee, Chief Information Security Officer at Zoom. “We remain committed to being a platform that users can trust for all of their online interactions, information, and business.”

Third-party certifications and standards are integral to Zoom’s security program’s foundation. The company recently expanded its list of growing attestations, including Publication of a Data Protection Impact Assessment (DPIA) on Zoom’s Meetings, Webinar, and Chat services from SURF; achievement of the Cyber Essentials Plus certification; Provisional Authorization (PA) for Zoom for Government from Defense Information Systems Agency (DISA) for the Department of Defense (DoD) at Impact Level 4 (IL4), Common Criteria Certification.

In addition, Zoom continues to enhance its security features for all users with the introduction of recent innovations such as automatic updates in the Zoom client. With automatic updates, Zoom is helping users to receive important security fixes and other features, improving their overall experience with the Zoom platform.

The company will soon make available innovations including a Bring Your Own Key (BYOK) offering, which will be released this year. Along with that Zoom’s end-to-end encryption (E2EE) offering will also be rolled out to Zoom Phone, for one-on-one, intra-account phone calls that occur via the Zoom client later this year.

To meet the growing needs of its global customer base, Zoom has established programs that bring in expertise and skills from around the world to inform security innovation and identify potential threats. These include a CISO Council to foster a strategic feedback loop for upcoming security and privacy innovation, and the development of a Data Security and Protection (DSP) Toolkit in support of the National Health Service (NHS).

In addition to the daily testing that Zoom conducts on its solutions and infrastructure, Zoom invested in a skilled global team of security researchers via a private bug bounty program. Hosted on HackerOne’s platform, the world’s most trusted provider of ethical hacking solutions, the program led to the recruitment of over 800 security researchers whose collective work resulted in the submission of numerous bug reports, and awards of over $2.4 million in bug bounty payments since the program was introduced. In 2021 alone, Zoom awarded over $1.8 million across 401 reports.

Zoom keeps privacy and security top of mind for all end users. Zoom launched its Trust Center, a one-stop shop for assets and information on Zoom compliance, privacy, safety, and security. It includes compliance and corporate governance resources, a detailed privacy overview, security resources and certifications, a detailed trust and safety overview, and more. Zoom also recently introduced its Learning Center, which provides a series of free courses to get the most out of Zoom. Users can complete a “Zoom Security Basics” training and earn the “Security Champion” badge. The Zoom Trust Center and Learning Center also contain information on Zoom’s security features and how to keep meetings secure. This includes pre-meeting and in-meeting settings such as passwords set at the individual meeting, user, group, or account level; meeting Waiting Rooms; the ability to lock a meeting, remove, mute or place participants on hold; and much more.


Read More News: https://www.smechannels.com/category/news/ || Watch CIOtv: https://ciotv.live/ || Read IT Leaders News: https://www.enterpriseitworld.com

Related posts

Surge in Attacks: 2H 2021 NETSCOUT Threat Intelligence Report

adminsmec

ManageEngine Recognized Among “Providers That Matter Most” in Privileged Identity Management

adminsmec

Truecaller launched enterprise solutions for businesses

adminsmec
x