Zoom has added two-factor authentication (2FA) to its video-conferencing platform in an effort to help organisations prevent identity theft and security breaches, as well as reduce security costs for businesses and schools.
Users who are part of an organisation can now use the additional security layer by choosing between one-time password (TOTP) apps, such as Google Authenticator and Microsoft Authenticator, or having Zoom send a code via SMS or phone call.
Admins can enable the tool by signing into the Zoom Dashboard, selecting Advanced, then Security, and enabling the “Sign in with Two-Factor Authentication” option.
They will then be able to enable 2FA for all users in their account, users with specific roles, or users belonging to specific groups, choosing the groups, and then clicking OK.
In a blog post announcing the update, the company outlined the benefits of the new tool, such as improved security, simplified credential management, being able to meet compliance obligations for sensitive data and customer information, as well as reduced costs of security.
“For small businesses and schools, it can be expensive to pay for an SSO service,” the company said. “Zoom’s 2FA provides a free and effective way to validate users and protect against security breaches.”
The announcement comes days after it was revealed that the company’s revenues were up 355% in the second quarter of 2020, making it one of the biggest beneficiaries of the global lockdown. The firm capitalised on the sudden need to communicate remotely with work, friends and family and averaged 148.4 million monthly active users in the second quarter, an increase of 4,700% year on year, according to CNBC.
A buyer’s guide to optimising remote employees’ extended network
Three key factors to consider when tackling network-related challenges
However, its sudden success had also been plagued with security issues, such as the infamous Zoom-bombing trend, which recently affected the trial against the teenager accused of July's mass Twitter hack.
The issue forced the company to improve encryption standards and password security, leading to the hire of former Salesforce and Microsoft security executive Jason Lee.
