Zoom gets a host of extra security certifications

Zoom Events log in page
(Image credit: Zoom)

Video conferencing and collaboration platform Zoom seems to be going above and beyond to prove that its data security practices are up to standard. 

After settling a class-action lawsuit that alleged the company was in breach of privacy laws and put its users’ data at risk, it has now announced compliance with two industry-recognized certifications and security attestations.

In a press release, Head of Security Standards, Compliance, and Customer Assurance at Zoom, Heather Ceylan, said the company expanded its list of security certificates, adding ISO/IEC 27001:2013 and SOC 2 + HITRUST.

"Rigorous" security

Zoom Meetings, Zoom Phone, Zoom Chat, Zoom Rooms, and Zoom Video Webinars are now certified as International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC) 27001:2013 compliant. 

An independent, third-party auditor analyzed these products, the video conferencing company said, adding that the certificate requires developing and implementing a “rigorous security program”, including operationalizing an Information Security Management System (ISMS). 

Such a system is necessary to manage, monitor, review, and iterate on a company’s security program, Zoom added.

Settling lawsuits

After expanding the scope of its existing SOC 2 Type II report, it now includes additional criteria, finally meeting the control requirements for the Health Information Trust Alliance Common Security Framework, or HITRUST CSF. 

This security framework takes advantage of both domestic, and international regulation, including GDPR, ISO, and the likes. 

Wrapping up the announcement, Ceylan said the introduction of these standards demonstrates the company’s “commitment to data protection and user security”. 

“As we continue to evolve our security program here at Zoom, third-party certifications and attestations will continue to serve as a critical component of our work to create a platform built on trust.”

In the lawsuit that was settled in early December, it was claimed that Zoom Meetings shared certain user information with third parties, did not do everything it could to prevent unwanted meeting disruption by third parties, and that the company falsely advertised its service as end-to-end encrypted.

Even with the settlement, Zoom denied any liability whatsoever and said it believes that no member of the Settlement Class, including the Plaintiffs, has sustained any damages or injuries due to these allegations.

  • You might want to check out our list of the best webcams right now
TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Skype video conferencing
Best Zoom alternative of 2025
Group of people meeting
Zoom vs Google Meet: which is the best video conferencing tool for your business?
Team collaboration
This new open source collaboration tool makes working with your colleagues even easier
A person video conferencing on a laptop.
Best free video conferencing service of 2025
A woman using a laptop to work from home.
Best video conferencing software of 2025
Zoom Team Chat with AI Companion integration
Zoom wants to make your Team Chats even smarter - using AI, of course
Latest in Security
DeepSeek on a mobile phone
More US government departments ban controversial AI model DeepSeek
Trojan
Microsoft warns of a devious new RAT malware which can avoid detection with apparent ease
NordProtect logo
Standalone identity theft protection from Nord Security is now available
A man holds a smartphone iPhone screen showing various social media apps including YouTube, TikTok, Facebook, Threads, Instagram and X
Ofcom cracks down on UK tech firms, will issue sanctions for illegal content
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
These fake GitHub "security alerts" could actually let hackers hijack your account
3d rendering of a submarine power cable on the seabed
Subsea internet cables can now ‘listen’ for sabotage using irregular pulses of light
Latest in News
Lego Pokemon
Pokemon and Lego announce the most electrifying collaboration of all time and I’m going to be first in line
Apple Watch app health
Apple Watch blood pressure monitoring tech revealed in patent
Using Zipped files and folders in Windows 11
Hidden clues suggest Microsoft is moving another part of Windows 11’s Control Panel to the Settings app – and this time it’s mouse options
an image of the Samsung Galaxy S24 Ultra
Finally! One UI 7 has a release date - here are the Samsung phones that’ll get it first
Google Cloud logo
Google to acquire cloud security platform Wiz in $32 billion deal
GIMP 3.0 interface from the website
Our favorite free photo editor finally got the update it deserves - and these are the top 5 features designers should know about