Get off Zoom’s Case. I Trust Them, and so Should You

I’m a security professional, and I trust Zoom. So should you.

There’s a recent trend among security professionals to ‘gang up’ on Zoom. These professionals should feel ashamed of themselves. For most use cases and users, Zoom is secure and safe.

I will keep this short.

1. Whenever a security issue has been discovered with Zoom, they have been quick to respond and issue a fix. That is far better than can be said of most software companies out there. In cyber security, when bad stuff happens, how you respond is how you are measured. Zoom gets an A+ from me.
2. As an administrator of my Zoom account, I can secure my account. Default settings for those not wanting to mess with the settings were lacking, and guess what? These have been fixed, and are being fixed. It’s now easy for everyone.
3. A lot has been said about Zoom’s encryption not being up to par. I challenge anyone to show me how any other such software of this type handles peer to peer encryption with dozens of folks in the conversation. But you know what? Seeing how Zoom has been inspirationally responsible up to now, I am looking forward to seeing how they innovate on this.
4. Zoom scaled beyond any reasonable growth measure the last few weeks, and still manage to do a good job on security. I’m impressed by that.
5. They do good for the community. That’s an extra off-topic brownie point right there, mentioned second to last.
6. They provide a kick-ass service.

I won’t use Zoom for secrets sharing, but I definitely will use it for everything else. You should too.

Lastly, colleagues, friends, perhaps Zoom isn’t good for your personal use case and they certainly made mistakes. But don’t jump on the bandwagon, it makes you look unprofessional at a time when you of all people must be a lighthouse to your neighbors in a difficult time. That’s what Zoom is doing, and that’s a corporate culture we need to encourage.

Thanks,
Gadi Evron.
(Twitter: @gadievron, Facebook: @gadioncyber)

Edit:
Here is a post by Dave Kennedy, Amit Serper, and Russ Handorf, that goes into the topic more in-depth, from a technical standpoint.