[technology taskforce] ZOOM 90-Day Security Plan Progress Report: April 15

Alfredo Calderon-Serrano acalderon1 at me.com
Sat Apr 18 21:16:46 UTC 2020 

https://blog.zoom.us/wordpress/2020/04/15/90-day-security-plan-progress-report-april-15/





The newly released Security icon in the toolbar provides Zoom Meetings hosts and co-hosts with one-click access to a number of existing Zoom security features, including Lock Meeting and Enable the Waiting Room.
Changes to Zoom’s default settings
We’ve made changes to Zoom’s default meeting settings to improve security before a meeting starts. Both meeting passwords and Waiting Rooms are enabled by default for our free Basic users and single Pro users, while those in our K-12 education program need a password to join a meeting. Waiting Rooms also are on by default for those K-12 users. 
Enhanced meeting password complexity
Account owners and admins can now configure minimum meeting password requirements to include numbers, letters, and special characters, or allow only numeric passwords. Free Basic account users will now use alphanumeric passwords by default instead of numeric passwords.  
Changes to data center routing  
Starting April 18, account admins will have the ability to choose whether or not their data is routed through specific data center regions, giving users more control of their interactions with Zoom’s global network. Learn more about the process in our blog post.
Bug bounty program with Katie Moussouris of Luta Security  
Zoom will be working with Luta Security to reboot our bug bounty program. Luta Security was founded by Katie Moussouris, who created some of the most important vulnerability programs still running today. She started Microsoft Vulnerability Research and Symantec Vulnerability Research, and also started Microsoft’s and the Pentagon’s bug bounty programs. Luta Security will be assessing Zoom’s program holistically with a 90-day “get well” plan, which will cover all internal vulnerability handling processes. Read more in Katie’s blog post.

Alfredo Calderón

Sent from my iPad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ttf/attachments/20200418/090f8082/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: past-week.png
Type: image/png
Size: 157621 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/ttf/attachments/20200418/090f8082/past-week-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: next-week.png
Type: image/png
Size: 105769 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/ttf/attachments/20200418/090f8082/next-week-0001.png>

More information about the ttf mailing list