It took everyone by surprise when it was discovered that the video calls made in Zoom were being compromised due to lack of proper security and encryption. Therefore, when the announcement was made by Zoom today on one of their blog posts that the company will now be allowing its paid customers to choose the data center from where they want their calls to be routed. It surely created a sign of relief amongst many of its customers.
This policy will be implemented from the 18th of April onwards and has come to light when researchers from the University of Toronto’s Citizen Lab discovered the potential risk that the Zoom encryption technique has its customers exposed to. The researchers discovered that the company was generating encryption keys from China, even though the person was not even present in China when the calls were made.
The Zoom Company has its data centers in China, Australia, Canada, India, Europe, Latin America, the US, and Japan or Hong Kong. Meanwhile, the company has released information that it will allow its paid customers to choose any of the above data centers mentioned to route their calls from. But you still cannot choose to opt-out of the default region for calling. This service will be available for customers with paid profiles on the Zoom software.
For the customers that are using Zoom on a ‘free’ basis, they won’t be able to change their default region for routing. But in case the person does not belong to China or is not physically present there, he or she does not have to worry about their calls getting routed through the data center of China, as they are no longer going to carry on with it.
On the 3rd of April, the researchers of the University of Toronto’s Citizen Lab discovered that the company sometimes generated encryption key for their security from the servers of China. Under this pretense, the Government of China can demand the keys from the company as and when needed, and the company will also have to oblige.
The CEO of Zoom, Eric Yuan, said that after the practice of social distancing was implemented, there was a huge rush in the existing servers of Zoom. The reason behind that was because almost every company wanted its employees to start work from home, and meetings started taking place online for project implementation and discussion.
Therefore, to curb the rush and tackle it, the company says that to increase their server capacity, the Zoom Company may have lacked in implementing their geo-fencing best practices, which may have caused or been the reason for the calls being routed through China. Due to that reason, there might be a chance that “certain meetings were allowed to connect to systems in China.” This situation was not created intentionally, and the company has deep regrets about it. They have said that they are working on correcting the issue and will soon fix it.
On the 1st of April, the CEO of Zoom had also announced that the company would be going on a 90-day freeze mode, to fix their security and privacy issues. Many big tech giant companies had also lodged a complaint against their weak encryption technique, and hence the decision was taken.
Google had also asked its employees to stop using the Zoom Software on their corporate devices and to switch to some other video calling software. Google said that Zoom Software fails to follow the guidelines of security and privacy of Google.
The CEO of Zoom also said that by the end of December, the number of daily users on Zoom increased drastically from 10 million to 200 million users daily. It happened because of the pandemic coronavirus and the start of work from home to practice social distancing by various IT and non-IT sector professionals. The company is trying hard to meet the needs of its customers, and it has assured them that a permanent solution will soon be released.