My company recently blocked Zoom

I am the digital marketing director of a regional, multi-billion dollar credit union. Up until recently, we had no corporate video conferencing tool for all staff. Late last year, they began rolling out Webex for certain staff. With the COVID-19 stay-at-home orders, the Webex rollout was significantly expanded. From what I understand, the IT department chose Webex over other options after a decent assessment of solutions.

Since 2018, I have used Zoom as a recipient of meeting invitations from vendors. Compared to Webex, I have found Zoom’s audio/video quality to be very crisp, especially when using computer audio. I’ve come across a good number of vendors who send us Zoom conference call details for recurring meetings or sales pitches. For whatever reason, our IT department did not choose Zoom over Webex last year. Now, I think I have a better idea of why.

Yesterday, I had two vendor meetings on my calendar, both with Zoom conference call info. I learned just before the first meeting that our IT’s Information Security group (with executive support) began blocking Zoom from corporate access (which includes joining other people’s meetings). This is related to security concerns that have been widely discussed on this board. Since I do not work in that department, I do not have details on what specific triggers led to the IT department’s decision.

What I can say is that I work in a 700-person organization that has a vigilant information security team. For whatever reason, they thought it was in the company’s best interest to not access Zoom at all.

Just sharing feedback from my corner. Some of you work for other corporations whose Information Security groups have come to a different conclusion than our group. So, don’t take this to mean that Zoom is frowned upon by all or most corporations. This is not a buy or sell recommendation. As I mentioned earlier, my experience with Zoom as a user has been very positive.

-ElonFeeNix
no position in ZM

We blocked it too, security hole. Our CISO ordered it shut down.

Us too. An email just came out to today, addressed to the whole company that Zoom is being blocked by our servers for security reaosns.

tj

I work for one of the largest companies in the US , an IT company. We switched over to Zoom a few months back. Yesterday they said to use a password for meetings, a much easier and less over-reactive solution than scrapping it. So much fear in the world at the moment leading to poor decision making in some cases.

I work for one of the largest companies in the US , an IT company. We switched over to Zoom a few months back. Yesterday they said to use a password for meetings, a much easier and less over-reactive solution than scrapping it. So much fear in the world at the moment leading to poor decision making in some cases.

I am not a fan of anecdotal information, but I work for one of the largest 10 banks in the world, one which Saul has mentioned previously. We are also moving ahead with Zoom and are now being asked/forced to use passwords on all our scheduled meetings and personal meeting rooms.

I work for one of the largest companies in the US , an IT company. We switched over to Zoom a few months back. Yesterday they said to use a password for meetings, a much easier and less over-reactive solution than scrapping it. So much fear in the world at the moment leading to poor decision making in some cases.

Three points.

First, this has hit the public consciousness. My brother also is also in that group that been told by his organization that Zoom is prohibited (even if invited by others). My organization uses Zoom, but if our customers refuse to use it, we will have to switch.

Second, I don’t think banning it is an overreaction. Bruce Schneier is arguably the world’s best known crypto expert in the world. He has several choice words to say about Zoom ( full article: https://www.schneier.com/blog/archives/2020/04/security_and_… ).

In general, Zoom’s problems fall into three broad buckets: (1) bad privacy practices, (2) bad security practices, and (3) bad user configurations. … Now security: Zoom’s security is at best sloppy, and malicious at worst. … But it gets worse. Zoom’s encryption is awful.

Third, I actually think Zoom is responding well to this. To quote a bit from their blog post ( https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-u… )

Enacting a feature freeze, effectively immediately, and shifting all our engineering resources to focus on our biggest trust, safety, and privacy issues. Conducting a comprehensive review with third-party experts and representative users to understand and ensure the security of all of our new consumer use cases.

Also, they hired Alex Stamos. (I don’t think that hiring someone from Facebook is a great way to inspire trust around privacy, but at least he probably has the technical skills.) So, it seems like they are handling it effectively: they are getting in front of it and being as proactive as they can.

Which takes me back to the start. My brother is actively trying to push to use Zoom again. They are documenting the best practices, submitting them to their leadership to show that they know how to use Zoom securely. They are are also objecting to some of the proposed alternatives and highlighting the equivalent security issues with those platforms as well.

In short, I don’t think saying “abandoning Zoom is an overreaction” is fair. There are very serious problems. Both in reality and in perception. As investor, it bears watching. But, so far, Zoom seems to be handling the security issues effectively, including by treating them seriously rather than being dismissive.

–CH

I am not a fan of anecdotal information, but I work for one of the largest 10 banks in the world, one which Saul has mentioned previously. We are also moving ahead with Zoom and are now being asked/forced to use passwords on all our scheduled meetings and personal meeting rooms.

My friend whose wife works for Boston Consulting Group says they went over to Zoom this week as planned.