April 14, 2020 by Siobhan Climer and Mishaal Khan
As the number of individuals employed in a work-at-home model soars due to the ongoing health and safety recommendations from the federal government, businesses have shifted their attention towards collaboration platforms that embed audio, web, and secure video conferencing solutions.
The Rise – And Fall – Of Zoom
In the first three months of 2020, Zoom added 2.2 million users – more than the total number of new users it added in 2019. Zoom is one of the most robust conferencing solutions on the market. It’s easy-to-use – even for less tech savvy users – and is utilitarian.
Unfortunately, the popularity of Zoom has hit a roadblock on the constant after-thought in technology: cybersecurity. The security flaws and errors were so egregious, Zoom’s Chief Product Officer wrote an entire post attempting to clarify their misuse of the common and well-defined cybersecurity term “end-to-end encryption”.
In one glaring paragraph, they write:
“Zoom has always strived to use encryption to protect content in as many scenarios as possible, and in that spirit, we used the term end-to-end encryption. While we never intended to deceive any of our customers, we recognize that there is a discrepancy between the commonly accepted definition of end-to-end encryption and how we were using it.”
In addition to the misuse of end-to-end encryption, Zoom has also committed a number of other significant security no-nos. These include:
- Zoom-bombing: From benign script kiddies to malicious cybercriminals, a number of individuals have hacked into company Zoom meetings. They hijack the meeting and sometimes spread racist, hateful, or indecent messages and/or images.
- Data leakages: Using the Windows 10 Zoom client chat feature, attackers can share malicious links and access secure network credentials.
- Privacy shortcomings: The number of privacy concerns is astounding. From sharing data with third parties without notification to sending analytics of non-Facebook users to Facebook, the attack on users’ privacy is unrelenting.
- Quality of service: While Zoom is by no means along in this failure, it is failing when users need it most. IT administrators are unable to easily monitor performance across the distributed network, which disrupts operations.
- Availability of service: The wide use of Zoom has led to several failure instances. Many organizations have had to rely on secondary platforms, which adds an additional security complication.
In response to these issues, schools across the U.S. have banned Zoom – as has the government of Taiwan – to help protect users’ privacy and eliminate broader security concerns.
While cybersecurity will continue to be a back-burner concern for some organizations, others have found the serious nature of the security concerns with Zoom reason to switch collaboration solutions. And IT administrators on the hunt for secure video conferencing solutions are finding that Cisco Webex Teams might just do the trick.
How Cisco Webex Teams Does Secure Video Conferencing Right
Consider this important difference. Back in July of 2019 – months before the coronavirus was first detected and the rush to work-at-home took off – Cisco’s collaboration published a blog. In contrast to Zoom’s reactionary post, Cisco took a proactive and transparent approach to security, writing:
“We believe in making technology and software that helps people around the world collaborate better, faster, and smarter than ever before. All without sacrificing your confidence in our security. Especially because an unsecured video conferencing solution not only opens up the possibility to meetings being listened in on, it could also indicate vulnerability of a compromised network. Both of which are extremely risky, no matter your business size, industry, or sector.”
Security is not an after-thought for Cisco Webex Teams. It is embedded into every step of the development process. While that can occasionally make the product slightly less user-friendly, it can mean the difference if the sensitive data of your business – and possibly your clients – is secure.
What Does Secure Video Conferencing Include?
A few things:
- SOC-2 Type 2
- ISO 27001
- FedRAMP compliant
- General Data Protection Regulation (GDPR) compliant
- End-to-end encryption (really)
That’s all important. But the true difference is that security is front-and-center at every stage of the process. Unlike its competitors, Cisco Webex Teams’ users don’t find out about security issues from news organizations or friends. Cisco’s own internal teams are constantly highlighting any issues and offering immediate remediation.
That’s proactive dedication to transparency.
A Reminder: Why Does Secure Video Conferencing Even Matter?
In some industries, it’s obvious. For organizations in healthcare, education, or retail, protecting user data is critical. These industries are regulated by HIPAA, FERPA, or PCI-DSS rules. For others, the backlash from a security incident comes directly from users. When a data breach or cybersecurity attack happens, these businesses lose their reputation.
Find out more about how privacy and data security intersect in our whitepaper and talk to Mindsight’s team today about how to make sure you have the most secure video conferencing solution.
Like what you read?
Contact us today to discuss secure video conferencing solutions.
About Mindsight
Mindsight is industry recognized for delivering secure IT solutions and thought leadership that address your infrastructure and communications needs. Our engineers are expert level only – and they’re known as the most respected and valued engineering team based in Chicago, serving emerging to enterprise organizations around the globe. That’s why clients trust Mindsight as an extension of their IT team.
Visit us at http://www.gomindsight.com.
About The Authors
Mishaal Khan, Mindsight’s Senior Security Solutions Architect, has been breaking – and thankfully – rebuilding computers for as long as he can remember. As a Certified Ethical Hacker (CEH), CCIE R&S, Security Practitioner, and Certified Social Engineer Pentester, Mishaal offers insight into the often murky world of cybersecurity. Mishaal brings a multinational perspective to the business security posture, and he has consulted with SMBs, schools, governments, and global enterprises, seeking to spread awareness in security, privacy, and open source intelligence.
Siobhan Climer writes about technology trends in education, healthcare, and business. With over a decade of experience communicating complex concepts around everything from cybersecurity to neuroscience, Siobhan is an expert at breaking down technical and scientific principles so that everyone takes away valuable insights. When she’s not writing tech, she’s reading and writing fantasy, hiking, and exploring the world with her twin daughters. Find her on twitter @techtalksio.
Covid-19 Shocks The Workplace: Can We Collaborate While “Social Distancing”?
