IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Zoom hires ex-Facebook CSO Alex Stamos to boost platform security

He will serve as an external consultant and help the firm build up its security capabilities

Embattled video conferencing platform Zoom has tapped up Facebook’s former security chief Alex Stamos as it attempts to knock back a security-based backlash.

Stamos will serve as an external consultant after Zoom's CEO Eric Yuan spoke with the former Facebook chief security officer over the phone about the crisis engulfing the platform so soon after its popularity had exploded. 

Stamos spoke with Yuan about the platform’s sudden growth, and the need to live up to the security expectations that accompany this surge. Yuan then asked if he would be interested in helping Zoom build up its security, privacy and safety capabilities as an external consultant, to which Stamos “readily agreed”. 

“First off, Zoom has gone from being a successful mid-sized enterprise IT company to a critical part of the lives of hundreds of millions in the space of a couple of months,” Stamos wrote in a Medium post.

“To successfully scale a video-heavy platform to such a size, with no appreciable downtime and in the space of weeks, is literally unprecedented in the history of the Internet. It has been clear to many people who have worked on production-scale systems that something special has been happening at Zoom, and the related security challenges are fascinating.”

Over a matter of days, Zoom has endured criticism for an integration that transferred iOS device data to Facebook, for claiming that sessions were end-to-end encrypted when this wasn’t the case and a growth in ‘Zoom bombing’ cyber attacks

Such concerns, among others, have led to the UK’s Ministry of Defence (MoD) to recommend against government staff using Zoom while theyr'e investigated, and Taiwan’s government banning the platform altogether

The company, in response, has pledged to suspend all development on the platform and instead reallocate resources and efforts into fixing outstanding security concerns.

Areas that Stamos is particularly keen to begin working on include core application security, cryptographic design, and infrastructure security. 

He added that building up collaboration software to ensure customers are empowered - while cyber criminals aren’t - is possibly the most impactful challenge faced by the tech industry in a world ravaged by the spread of coronavirus.

Photo by FotoBugz / CC BY 2.0

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

What is hacktivism?
hacking

What is hacktivism?

27 May 2022
Mastering endpoint security implementation
Security

Mastering endpoint security implementation

18 May 2022
The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers
ransomware

Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers

26 May 2022
Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022