Security Built for the New World of Work: IDC Reflects on Zoom’s Security Maturity and Innovation
“This is as normal as it is going to get. Hybrid work is our reality, and it is here to stay. There! We said it!” writes Frank Dickson and Christopher Rodriguez, analysts at IDC who authored the white paper “Securing the Real World: Accelerating Collaboration, Minimizing Risk.”
In the paper, they reflect on how the way we work has changed permanently, with IDC predicting the shift to flexible work even before the pandemic began. IDC’s paper, commissioned by Zoom, discusses the intricacies involved in this new world of work, the set of security controls it necessitates, and how the Zoom platform provides the right features to help safeguard the flexible communications workers want.
A brave new world (of work)
Flexible work is pervasive these days, and IDC suspects the trend will only evolve and expand over time. As Dickson and Rodriguez note in the white paper, “IDC predicts that by 2023, digital transformation and business volatility will drive 70% of G2000 organizations to deploy remote or hybrid-first work models (see IDC FutureScape: Worldwide Future of Work 2022 Predictions, IDC #US47290521, October 2021). Hybrid work models will force organizations to rethink how they instrument environments to purposefully bridge physical workplaces and digital workspaces.”
Key to bridging the digital and physical divide? A communications technology stack that creates asynchronous and meaningful connections, as the paper references IDC research that notes a growing preference for online-first collaboration tools such as chat, whiteboard, and online conference rooms.
It’s not news that businesses are embracing hybrid work. But many are still working out the kinks regarding how they operationalize new organizational models. As Dickson and Rodriguez reflect, “IDC research has shown that many organizations have mobilized/started the transition to hybrid work, but certain elements, such as cultural adjustments, are commonly missing. To be successful, organizations need not only to invest in technologies that support secure anytime/anywhere access to corporate resources, but also to adopt a resilient mindset that translates to strategic investments in people and processes.”
Security meets hybrid
Security has always been core to the foundation of a successful business, but the transition to hybrid work has redefined what that foundation looks like. Technology must factor in the flexibility and scalability that comes with an anywhere workforce, providing security controls that acknowledge and address the new kind of threats that modern-day workers face.
As Dickson and Rodriguez explain, “Digital transformation has also unlocked innovative new practices, reshaping where, when, and how business happens. As technological evolution spurs business practices to evolve, subsequent evolution in security practices and technologies is required. A true modernization of security to compensate for our hybrid work reality will require a fundamental reassessment of risk and risk-mitigating controls.”
Adaptive security is now table-stakes. As Dickson and Rodriguez noted, “As worker expectations for offsite access become pervasive, the on premises versus remote access debate becomes irrelevant. Across the board, whether users are onsite or remote, or a combination of the two, the common factor is the need for security to adapt.”
There’s evidence that a solution’s security and privacy controls can heavily influence adoption. IDC research shows that security and governance have more influence over the selection of collaboration platforms than many other functions (see figure below).
Zoom’s security posture
As organizations enable flexible work, they need to partner with a communications provider that has layered the relevant security and privacy controls within its platform. We at Zoom have worked to do exactly that, and IDC noticed.
“Because security, privacy, confidentiality, and compliance are foundational to work, not just hybrid work, Zoom has implemented the appropriate features into its platform. The Zoom platform is designed with zero trust principles in mind, offering advanced security capabilities like two-factor authentication (2FA) and single sign-on (SSO) that can help IT organizations implement a zero trust strategy,” said Dickson and Rodriguez.
The authors took a deep dive into the Zoom platform and found it offers an aggregate of security features across products that help enable meaningful and safe workplace communication. “Critical business enablers integrated into the Zoom platform include features such as watermarking (including shared content and meeting, video and audio), a chat etiquette tool to identify sensitive keywords (e.g., account numbers and social security numbers), and 256-bit AES-GCM encryption as the standard for real-time content and media [data in transit],” they added.
The white paper also discusses our compliance efforts, initiatives such as the CISO Council and Bug Bounty program, educational resources such as the Trust Center and Learning Center, and more. The paper highlights how all of these help address the “human factor” that’s present in modern-day security issues, regardless of what kind of customer is experiencing them.
“The same human factors of a teacher’s fifth-grade class that inform Zoom’s platform can prove to be equally beneficial to the needs of a business,” Dickson and Rodriguez added.
A platform built for future-proofing
“Zoom and collaboration/communications platforms in general can be overlooked as a security control point,” Dickson and Rodriguez comment, reflecting how this misperception is one of the few roadblocks preventing today’s businesses from reaping the benefits of Zoom’s security architecture. But once this oversight is addressed, organizations can achieve new levels of seamless and secure digital communication.
“Zoom is a best-of-breed communications platform, extending beyond video meetings to include chat, conference rooms, phone, webinars, whiteboards, and virtual events solutions. Collaboration across diverse channels is what it does. Importantly, Zoom’s commitment to security extends across all of these key products,” the analysts said.
They continued, “IDC believes the market will continue to demand more security, privacy, and confidentiality features from collaboration platforms, and to the extent that Zoom can continue to address the challenges described in this paper, the company has a significant opportunity for success.”
By supporting remote and hybrid workforces with technology that deploys easy-to-use security features, Zoom helps organizations create a realistic and scalable approach to security that will evolve as your business does.
You can read the entire IDC white paper here and learn more about Zoom’s approach to security & privacy by visiting our Trust Center.