Wyden pushes for information on federal agencies' Zoom use, citing security concerns
Source: The Hill
Sen. Ron Wyden (D-Ore.) on Wednesday drilled the General Services Administration (GSA) around its ongoing approval of video conferencing app Zoom for government use, despite security vulnerabilities discovered by researchers in recent years.
In a letter to GSA Acting Administrator Katy Kale shared with The Hill, Wyden requested that the agency provide a copy of its "security package" detailing the decision by GSA to approve Zoom for use by federal agencies through the Federal Risk and Authorization Management (FedRAMP) program.
"It is extremely concerning that after Zoom was cleared for government use by the General Services Administration in April 2019, security researchers discovered multiple serious vulnerabilities in the year that followed," Wyden wrote.
In light of the vulnerabilities, Wyden criticized the FedRAMP approval of Zoom for use by first the U.S. Customs and Border Protection Agency in 2019, and then for all other government agencies without allowing each agency to conduct their own security review of Zoom.
Read more: https://www.msn.com/en-us/news/politics/wyden-pushes-for-information-on-federal-agencies-zoom-use-citing-security-concerns/ar-BB1gEM9N?li=BBnbfcQ&ocid=hplocalnews
Nictuku
(3,587 posts)As a former federal employee (IT), whose agency did use Zoom after it was approved for FedRAMP, we did do our own assessments, as well as having access to the FedRAMP approval process. After version 5 for Zoom, everything was encrypted. Additional security measures were added. The Government version of Zoom is different than the general (free) version, but all are encrypted after version 5.
The ability for someone to join a meeting and 'bomb' it, or take over the screen sharing, has everything to do with how you set up the meeting, and what security measures you put in place (or not). (waiting room, allow anyone, or just the specific invite list, re-using the same personal room/password over and over), etc.
Just my two cents.
eggplant
(3,909 posts)VarryOn
(2,343 posts)But it's my least favorite platform from a user perspective. In my job, I've had occasion to use Zoom, Webex, Google Meet, GoToMeeting and Teams, and Webex is my least favorite. The video quality and video/audio synchronization is the worst. As much as I hate to admit it, Microsoft's Teams is my favorite. The name "Teams" is dumb, though. "Let's Teams." "We Teamsed." "She's Teamsing me right now."