While Zoom Video Communications CEO Eric S Yuan has apologised for these lapses, India Inc is beefing up cyber-security systems.
By Anwesha Ganguly
Users of video-conferencing app Zoom, whether they are government bodies, companies or individuals, have discovered they are being “zoombombed”. Zoom’s lax security features have resulted in meetings being hijacked and there’s a fear that data is being leaked. While Zoom Video Communications CEO Eric S Yuan has apologised for these lapses, India Inc is beefing up cyber-security systems.
Diagnostics firm Thyrocare’s CFO and executive director A Sundararaju agreed the lax security is cause for concern, but added the app had launched some updates that would hopefully take care of the issues. Thyrocare has been using Zoom to conduct internal review meetings and training programmes. “Our conversations are on different channels including Skype, Zoom and Whatsapp video calls,” Sundaraju said.
A large Indian public-sector bank that was using Zoom to interact with the press is now rethinking this strategy. “Because of its popularity, it was an instant decision to have press meetings to disseminate public information on Zoom. But we might review that now,” an executive said. The lender currently relies on internal communications systems to communicate regarding sensitive data and does not rely on third parties due to security concerns, another senior executive said.
The Indian central bank, too, steered clear of using Zoom. “We were considering holding a press meeting through Zoom, but decided against it and used already security-tested internal systems instead,” an official aware of the matter said.
The app’s popularity had soared with over 200 million using it daily in March, compared with 10 million in December 2019. But besides “zoombombing”, there have been serious concerns raised by international users regarding the privacy of users’ data on Zoom. Yuan said the company will be conducting a comprehensive review to understand and ensure the security of users. Despite the recent uproar, many remain nonchalant of the cyber risks involved. Even the Indian arms of global consultancy giants like Bain & Company and Boston Consulting Group continue to extensively use Zoom for internal and client meetings, despite being aware of the risks. “Everyone is using Zoom these days. We have internally shared safety measures that employees should take to avoid zoom-bombing and we continue to update the software,” an executive from a top consulting firm said.
The central government has also been using Zoom for some internal meetings and press interactions. “We typically use an internal software developed by the National Informatics Centre, but some inter-departmental meetings, press interactions were held on Zoom, recently. There is no directive yet on restricting the usage of the software,” a government official told FE. Large volumes of personal data is now stored online as usage of apps and smart devices increase. Companies and individuals must balance privacy with communication needs. “Organisation should consider a risk-based approach in designing a security and privacy framework to address the risk associated with processing of personal data and follow a proactive approach to ensure adequate level of protection,” said Manish Sehgal, partner, Deloitte India.