Pentagon Issues New Guidance on Zoom
April 11, 2020
The Department of Defense has issued new guidance on the use of the
popular videoconferencing application Zoom following a week-old FBI
warning about security issues and a VOA report Thursday that military
and government employees had continued to use the app.
In an email to VOA on Friday, a Pentagon spokesman said, “DOD users may
not host meetings using Zoom's free or commercial offerings.”
The spokesman said the new guidance permits use of Zoom for Government,
a paid tier service that is hosted in a separate cloud authorized by the
Federal Risk and Authorization Management Program, when
videoconferencing about “publicly releasable DOD information not
categorized as ‘For Official Use Only.’ ”
It was unclear, however, how many government employees have
differentiated between the two services to date.
“Just because senior leadership enacts a policy does not automatically
mean that everyone in every corner of an organization immediately gets
the word,” a defense official said.
Rise in popularity
Zoom has seen a surge in activity during the coronavirus pandemic as
office workers across the country have turned to the free app to quickly
arrange video calls with dozens of participants.
The federal government has been no different, despite an FBI
announcement April 1 that hackers could exploit weaknesses in
videoconferencing software systems like Zoom to “steal sensitive
information, target individuals and businesses performing financial
transactions, and engage in extortion.”
The security concern is much greater than “Zoom bombing” attacks
reported by users whose chats have been infiltrated by hackers shouting
profanities or posting lewd images.
Experts say the teleconferencing app may introduce security risks not
only to government employees during Zoom sessions but also to data that
reside on government computers.
“If there are vulnerabilities, the app can jeopardize the security of
data on the computer on which it is installed, or even potentially on
other computers on the same network,” Joseph Steinberg, a leading
cybersecurity expert and the author of Cybersecurity for Dummies, told
VOA. “Such vulnerabilities have been discovered — and more may exist.”
Some unaware of risks
reporting after the FBI warning on April 1 showed that Zoom remained a
popular videoconferencing application for U.S. government employees from
the Pentagon to Capitol Hill, not all of whom were aware of its
A Zoom spokeswoman said Thursday that Zoom takes user security
“A large number of global institutions ranging from the world’s largest
financial services companies to leading telecommunications providers,
government agencies, universities and others have done exhaustive
security reviews of our user, network and datacenter layers and
confidently selected Zoom for complete deployment,” the spokeswoman