Zoom’s response to its own flaws should set the industry standard

This past Friday, I shared my thoughts on Zoom and what appeared to be a company that was crumbling beneath the weight of its own, unforeseen success. Based on reader response and multiple social media conversations, my opinion of Zoom was not a popular one and that’s okay. Was I harsh? Yes. Did I sensationalize the surmounting privacy issues and questionable practices of Zoom? I don’t feel that I did at all but everyone is entitled to their own opinion. I stand behind my statements and will continue to value intelligent, civil discussion about this or any topic of conversation we write about here at Chrome Unboxed.

That said, a whole lot can change in just a few days and I’m writing this today, not to apologize for my take on Zoom but to commend them for their response in the midst of such a troubling time. Zoom has experienced explosive growth in the range of 2000% over the past three months and amidst their growing pains and troubles, they have come under fire by tech writers like myself, mainstream media and even the Federal Government. Lesser companies would likely look at their monumental growth and laugh all the way to the bank while taking whatever lumps may come from the backlash. Not Zoom. In less that 72 hours, Zoom has made massive changes to their platform in what is clearly more than just a knee-jerk reaction.

Zoom began the charge by removing the Facebook SDK from iOS that was reportedly sharing information to Facebook even when users weren’t using the Facebook login option. Next, the company addressed the complaints surrounding the application’s ability to install itself on MacOS without clear consent from the user. That has since been fixed and users are clearly prompted to accept the installation. Then, the company turned its attention to accusations that it had misled users by muddling the actual meaning of “end-to-end encryption.” The fact of the matter is, they did just that. However, they owned it. In a blog post in response to the claim, Zoom mapped our a clear-cut explanation of their encryption methods and how they applied in various use-cases.

In a related post, Zoom also conceded that they had dropped the ball when adding server capacity around China which inadvertently allowed traffic to connect to China when it should not have done so. Again, the company took the “on us,” fixed the problem and continued to push forward.

Last but by no means least, Zoom addressed the issue of “Zoombombing” and the default privacy settings of its meeting rooms. This was probably one of my biggest gripes with the company when news began to run rampant that school kids and business meetings alike were being “bombed” by uninvited guest sharing inappropriate (fill in the blank.) As many have pointed out, a quick walkthrough Zoom’s tutorials would have likely prevented this from ever being an issue. However, with millions of users jumping onto Zoom for the first time to attempt to salvage the school year or perhaps keep their companies from crumbling, how-tos were probably the last thing on their minds. Does that make it okay? Absolutely not. The fault most certainly lies, in part, on the user but given the swift adoption by educational institutions, Zoom should have seen the writing on the wall and made these changes a month ago.

Still, the company has tended to this problem and now, the Waiting Room feature and password-protected meetings are the default setting for Basic (free), single license Pro and Business accounts. This password setting also applies to Personal Meeting IDs. Passwords will be required by scheduled and instant meetings by default from here on out.

The latest grievance against Zoom involves the method in which they save recorded meetings. By default, meetings aren’t recorded but if the host chooses to do so, Zoom saves them on its secure cloud platform. The complaint from a growing number of users is that Zoom uses a default filename for every meeting that is recorded. Users are taking those recorded meetings, keeping the default filename and saving the recording on third-party servers that may not be secure. If a more sinister person wanted to, they could search for the default Zoom filename on said third-party server and now have access to what could be confidential and private content. While I do agree that Zoom should prompt users to set their own filename, I don’t think the company should be the target of these complaints. First, you should rename your file. Second, if you are saving meetings (or anything) on a server that isn’t secure and password-protected, that’s on you. Hopefully, Zoom will change its file saving method and they can pass the buck on this one.

I, as much as most, sat down in front of my computer last week and with a clear conscience, put Zoom on blast. A week ago, I would have told anyone who asked to steer clear of the video meeting platform and I did just that. I shared alternatives that offer similar functionality and I tipped my hat to Zoom with the hopes that a few months down the road, they would get their stuff together. Well, they have gone above and beyond. That’s not to say that Zoom is perfect. The company will still have to deal with whatever consequences come from the flawed security accusations and there is still a lot of work to be done to make Zoom a trustworthy meeting application. Still, I wanted to take this time to rise to my feet and commend Zoom for doing what most companies wouldn’t have. Zoom has taken responsibility for its failures and has acted swiftly and transparently to fix what is wrong with its software. This is how things should be and I wish Zoom all the success in the world.