A company with 10 million downloads and users in December 2019 increased to 300 million by April 2020. Was the company ready for this? What went wrong? How the ZOOM could avoid this situation?

It was a blessing for the video conferencing collaboration tool when the country lockdown announced due to coronavirus. People shifted themselves to the online platform for company meetings, schools, friends, and many more. Until we started hearing the news about how insecure the data is, using the ZOOM platform.

We saw more than 500,000 names and passwords of the ZOOM platform was on sale, the meeting could be cracked by any hackers. Also, later Motherboard revealed that ZOOM is sharing the user analytics data with Facebook without the customers being aware.

Later March 2020 till June 2020 we could see the negative news about ZOOM daily. They were charged against not using encryption for the data. The data did not end to end encrypted and, the user information was in connecting with a Chinese server that would save all the information.

From March 26 to April 9 there were a total of 17 lawsuits raised against the company. Currently, the company is trying to resolve the situation and fix the bugs within the system. By April 9, 2020 ZOOM was at risk as:

• US Schools banned ZOOM
• THE US Department of Defense restricted the use of ZOOM
• Google banned the use of ZOOM in company devices
• Singapore suspended ZOOM classes
• The Germans Banned the application
• A fourth class-action lawsuit was filed – a shareholder suit claiming the company had violated the federal securities laws by misleading investors about Zoom’s “inadequate data privacy and security measures” and falsely represented its service had end-to-end encryption. 
• A fifth class action suit names Zoom, LinkedIn, and Facebook for improper data sharing.

It was a lesson learned for not planning and not having a plan in a better position as well. How we could avoid this as a company. Listed are a few points which we can focus on to overcome the situation and resolve the outcomes.

Follow and practice the best information security rules and regulations in the provenance you are functioning.

1. Data Security is the prime focus of any software or solution used through the cloud platform
2. The security issues should be held responsible by the senior management team that is most important.
3. Develop a culture of respect for privacy and always focus on customer safety.
4. Design a Code of Conduct issued to all the employees, vendors, customers, management to maintain transparency within the company.
5. Make sure to identify the security issues and identify to resolve and integrate it to operational policies
6. Make sure to develop and check the security in every stage of coding according to the secure platform
7. Regular scans and risk assessment should undertake to adhere to security policies.

ISO standards, laws, and regulations require companies to connect the dots between the data they collect, how they protect it, and whom they share it with. They are required to accurately and transparently provide this information to shareholders and users.