Most of the world — despite the canaries in the coal mine — was unprepared to cope with the coronavirus outbreak that’s now besieging us. Now, work is starting to get underway both to help manage what is going on now and better prepare us in the future. In the latest development, the UK government today announced that it will issue £20 million ($24.5 million) in grants of up to £50,000 each to startups and other businesses that are developing tools to improve resilience for critical industries — in other words, those that need to keep moving when something cataclysmic like a pandemic hits.

You can start your application here. Unlike a lot of other government efforts, this one is aimed at a quick start: you need to be ready to kick of your project using the grant no later than June 2020, but earlier is okay, too.

Awarded through Innovate UK, which part of UK Research and Innovation (itself a division of the Department of Business, Energy and Industrial Strategy), the grants will be available to businesses of any size as long as they are UK-registered, and aim to cover a wide swathe of industries that form the core fabric of how society and the economy can continue to operate.

“The Covid-19 situation is not just a health emergency, but also one that effects the economy and society. With that in mind, Innovate UK has launched this rapid response competition today seeking smart ideas from innovators,” said Dr Ian Campbell Executive Chair, Innovate UK, in a statement. “These could be proposals to help the distribution of goods, educate children remotely, keep families digitally connected and even new ideas to stream music and entertainment. The UK needs a great national effort and Innovate UK is helping by unleashing the power of innovation for people and businesses in need.”

These include not just what are typically considered “critical” industries like healthcare and food production and distribution, but also those that are less tangible but equally important in keeping society running smoothly, like entertainment and wellbeing services:

• community support services
• couriers and delivery (rural and/or city based)
• education and culture
• entertainment (live entertainment, music, etc.)
• financial services
• food manufacture and processing
• healthcare
• hospitality
• personal protection equipment
• remote working
• retail
• social care
• sport and recreation
• transport
• wellbeing

The idea is to introduce new technologies and processes that will support existing businesses and organizations, not use the funding to build new startups from scratch. Those getting the funding could already be businesses in these categories, or building tools to help companies that fall under these themes.

The grants were announced at a time where we are seeing a huge surge of companies step up to the challenge of helping communities and countries cope with COVID-19. That’s included not only those that already made medical supplies increase production, but a number of other businesses step in and try to help where they can, or recalibrate what they normally do to make their factories or other assets more useful. (For example, in the UK, Rolls Royce, Airbus and the Formula 1 team are all working on ventilators and other hospital equipment, a model of industry retooling that has been seen in many other countries, too.)

That trend is what helped to inspire this newest wave of non-equity grants.

“The response of researchers and businesses to the coronavirus outbreak have been remarkable,” said Science Minister Amanda Solloway in a statement. “This new investment will support the development of technologies that can help industries, communities and individuals adapt to new ways of working when situations like this, and other incidents, arise.”

The remit here is intentionally open-ended but will likely be shaped by some of the shortcomings and cracks that have been appearing in recent weeks while systems get severely stress-tested.

So, unsurprisingly, the sample innovations that UK Innovate cites appear to directly relate to that. They include things like technology to help respond to spikes in online consumer demand — every grocery service in the online and physical world has been overwhelmed by customer traffic, leading to sites crashing, people leaving stores disappointed at what they cannot find, and general panic. Or services for families to connect with and remotely monitor vulnerable relatives: while Zoom and the rest have seen huge surges in traffic, there are still too many people on the other side of the digital divide who cannot access or use these. And better education tools: again, there are thousands of edtech companies in the world, but in the UK at least, I wouldn’t say that the educational authorities had done even a small degree of disaster planning, leaving individual schools to scramble and figure out ways to keep teaching remotely that works for everyone (again not always easy with digital divides, safeguarding and other issues).

None of this can cure coronavirus or stop another pandemic from happening — there are plenty of others that are working very squarely on that now, too — but these are equally critical to get right to make sure that a health disaster doesn’t extend into a more permanent economic or societal one.

More information and applications are here.

Zoom is making some drastic changes to prevent rampant abuse as trolls attack publicly shared video calls. Starting April 5th, it will require passwords to enter calls via Meeting ID, as these may be guessed or reused. Meanwhile, it will change virtual waiting rooms to be on by default so hosts have to manually admit attendees.

The changes could prevent “Zoombombing,” a term I coined two weeks ago to describe malicious actors entering Zoom calls and disrupting them by screensharing offensive imagery. New Zoombombing tactics have since emerged, like spamming the chat thread with terrible GIFs, using virtual backgrounds to spread hateful messages or just screaming profanities and slurs. Anonymous forums have now become breeding grounds for organized trolling efforts to raid calls.

Just imagine the most frightened look on all these people’s faces. That’s what happened when Zoombombers attacked the call.

The FBI has issued a warning about the Zoombombing problem after children’s online classes, Alcoholics Anonymous meetings and private business calls were invaded by trolls. Security researchers have revealed many ways that attackers can infiltrate a call.

The problems stem from Zoom being designed for trusted enterprise use cases rather than cocktail hours, yoga classes, roundtable discussions and classes. But with Zoom struggling to scale its infrastructure as its daily user count has shot up from 10 million to 200 million over the past month due to coronavirus shelter-in-place orders, it’s found itself caught off guard.

Zoom CEO Eric Yuan apologized for the security failures this week and vowed changes. But at the time, the company merely said it would default to making screensharing host-only and keeping waiting rooms on for its K-12 education users. Clearly it determined that wasn’t sufficient, so now waiting rooms are on by default for everyone.

Zoom communicated the changes to users via an email sent this afternoon that explains “we’ve chosen to enable passwords on your meetings and turn on Waiting Rooms by default as additional security enhancements to protect your privacy.”

The company also explained that “For meetings scheduled moving forward, the meeting password can be found in the invitation. For instant meetings, the password will be displayed in the Zoom client. The password can also be found in the meeting join URL.” Some other precautions users can take include disabling file transfer, screensharing or rejoining by removed attendees.

NEW YORK, NY – APRIL 18: Zoom founder Eric Yuan reacts at the Nasdaq opening bell ceremony on April 18, 2019 in New York City. The video-conferencing software company announced it’s IPO priced at $36 per share, at an estimated value of $9.2 billion. (Photo by Kena Betancur/Getty Images)

The shift could cause some hassle for users. Hosts will be distracted by having to approve attendees out of the waiting room while they’re trying to lead calls. Zoom recommends users resend invites with passwords attached for Meeting ID-based calls scheduled for after April 5th. Scrambling to find passwords could make people late to calls.

But that’s a reasonable price to pay to keep people from being scarred by Zoombombing attacks. The rash of trolling threatened to sour many people’s early experiences with the video chat platform just as it’s been having its breakout moment. A single call marred by disturbing pornography can leave a stronger impression than 100 peaceful ones with friends and colleagues. The old settings made sense when it was merely an enterprise product, but it needed to embrace its own change of identity as it becomes a fundamental utility for everyone.

Technologists will need to grow better at anticipating worst-case scenarios as their products go mainstream and are adapted to new use cases. Assuming everyone will have the best intentions ignores the reality of human nature. There’s always someone looking to generate a profit, score power or cause chaos from even the smallest opportunity. Building development teams that include skeptics and realists, rather than just visionary idealists, could keep ensure products get safeguarded from abuse before rather than after a scandal occurs.

Zoom has been widely criticized over the past couple of weeks for terrible security, a poorly designed screensharing feature, misleading dark patterns, fake end-to-end-encryption claims and an incomplete privacy policy. Despite that, the video conferencing service has attracted a ton of new users thanks to the coronavirus lockdowns around the world — the company reached 200 million daily active users last month.

Zoom, an enterprise product designed for boring corporate meetings, has become a mainstream product with all the risks that it involves.

That’s why the company’s CEO Eric S. Yuan has written a lengthy blog post to address some of the concerns around Zoom. He starts by sharing some metrics. Zoom has been used by 90,000 schools around 20 countries. Daily meetings participants jumped from 10 million in December to 200 million in March.

But some companies are starting to reconsider using Zoom for video conferences. For instance, SpaceX, Elon Musk’s rocket company, has banned its employees from using the service.

For the next 90 days, Zoom is enacting a feature freeze, which means that the company isn’t going to ship any new feature until it is done fixing the current feature set. Zoom will also work with third-party experts and prepare a transparency report.

“For the past several weeks, supporting this influx of users has been a tremendous undertaking and our sole focus,” Yuan writes. “However, we recognize that we have fallen short of the community’s – and our own – privacy and security expectations. For that, I am deeply sorry, and I want to share what we are doing about it.”

As expected, Yuan says that mainstream adoption has led to unforeseen issues. “We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home. We now have a much broader set of users who are utilizing our product in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived,” he writes.

In addition to keeping up with the massive influx of customer support requests, Zoom has already shipped a few updates to solve some issues. The company released a new version of its iOS app to remove Facebook’s SDK as the company’s privacy policy never said that you consent to sharing data with Facebook. The company updated its privacy policy as well.

Zoom removed the attendee attention tracker feature, a controversial feature that lets hosts see if the Zoom window is currently in focus. The company has also shipped security updates after Patrick Wardle uncovered vulnerabilities.

Zoom wrote a dedicated K-12 privacy policy and changed some default settings for schools (waiting rooms are on by default, only teachers can share content, etc.).

The company is far from done. Don’t forget that it claimed that calls are end-to-end encrypted even though they’re not at all. More importantly, the fact that Zoom is fixing issues as quickly as it can isn’t enough. Something is wrong at Zoom — there’s a corporate culture issue that leads to all those missteps. It’ll take much longer than 90 days.

Okta, the popular identity and access management service, today used its annual (and now virtual) user conference to launch Lifecycle Management Workflows, a new tool that helps IT teams build and manage IFTTT-like automated processes with the help of an easy to use graphical interface.

The new service is an extension of Okta’s existing automation tools. But the key here is that IT teams and developers can now easily build complex identity-centric workflows across a wide range of applications. With this, these teams can easily automate an onboarding process, where setting up a new Okta account also immediately kicks off processes on third-party services like Box, Salesforce, ServiceNow and Slack to set up accounts there. The same goes for offboarding workflows and username creation. A lot of companies still do this manually, which is not just a hassle but also error-prone.

“Adopting more technology is incredibly beneficial for enterprises today, but complexity is a significant side effect of a changing technology ecosystem and workforce. There is no better example of the potential challenges it can create than with lifecycle management,” said Diya Jolly, chief product officer at Okta. “Okta’s vision of enabling any organization to use any technology goes deeper than just access; it’s about improving how organizations use technology. Okta Lifecycle Management Workflows improves the efficiency and security of enterprises through its simple user experience and broad applicability, keeping organizations secure and efficient without requiring the complexity of writing code.”

Okta, of course, had lifecycle management features before, but now it is also putting its acquisition of Azuqua to work and using that company’s graphical interface and technology for making it easier to create these automation processes. And while the focus right now is on processes like provisioning and de-provisioning accounts, the long-term plan is to expand Workflows with support for more identity processes.

As Okta also stresses, administrators can also manage very granular access across the supported third-party tools like assigning territories in Salesforce or access to specific group channels in Slack, for example. For temporary employees, admins can also set up automatic de-provisioning workflows that revoke access to some tools but maybe leave access to payroll services open for a while longer. There are also built-in tools for automatically managing conflicts when two people have the same name.

“Millions of people rely on Slack every day to make their working lives simpler, more pleasant and more productive,” said Tamar Yehoshua, chief product officer at Slack, one of the early adopters of this service. “Okta Lifecycle Management Workflows has significantly increased efficiency for us by automating the provisioning and de-provisioning of users from applications in our environment, without us ever having to write a line of code.”

This new feature is part of Okta’s new Platform Services, which the company also debuted today and which currently consists of core technologies like the Okta Identity Engine, Directories Integrations, Insights, Workflow and Devices. The core idea behind Platform Services is to give Okta users the flexibility to manage their unique identity use cases but also to give Okta itself a platform on which to innovate. One other new product that sits on top of the platform is Okta Fastpass, for example, which allows for passwordless authentication on any device.