Zoom 5.0 adds 256-bit encryption to address security concerns

Milestone update adds stronger host controls to prevent cyber incidents like Zoom-bombing

Zoom has rolled out a flagship update comprising data encryption and front-end security-centric functionality as part of the company’s 90-day plan to address privacy and security gaps. 

The company hopes the implementation of the 256-bit AES-GCM encryption standard in Zoom 5.0 will give users concerned over the security of meetings some reassurance that their data is protected from cyber criminals. 

With the added layer of encryption, Zoom Meeting, Zoom Video Webinar and Zoom Phone data will be protected against tampering, the company insists, with this latest update providing a level of confidentiality that wasn’t present in previous iterations.

The standard will take effect once all accounts are enabled with GCM, with system-wide account implementation set to take place on 30 May.

Zoom was previously criticised for not using end-to-end encryption to safeguard meetings despite claiming to on promotional materials.

The network improvement comes in addition to Control Data Routing, which allows account administrators to choose which data centre regions their account-hosted meetings and webinars use for real-time traffic. This measure was announced by the company earlier this month.

Meanwhile, the front-end user interface (UI) will be overhauled to include a host of additional functionality, from host controls to passwords for cloud recordings.

“We take a holistic view of our users’ privacy and our platform’s security,” said Zoom CPO Oded Gal. “From our network to our feature set to our user experience, everything is being put through rigorous scrutiny. On the back end, AES 256-bit GCM encryption will raise the bar for securing our users’ data in transit. 

“On the front end, I’m most excited about the Security icon in the meeting menu bar. This takes our security features, existing and new, and puts them front and centre for our meeting hosts. With millions of new users, this will make sure they have instant access to important security controls in their meetings.”

As part of the major update, users will be given a central security hub, which can be accessed through a security icon on the host’s interface. Hosts can, for the first time, report a user to Zoom, and disable the ability to participants to rename themselves, among other controls. The virtual waiting room, meanwhile, will be enabled by default so hosts can control who can enter meetings at all times.

Related Resource

Five essentials of a secure modern workplace

The CIO's guide to unleashing productivity whilst minimising risk

Download now

The latest version of Zoom will also support a new data structure for larger organisations, allowing them to link contacts across multiple accounts so people can seamlessly search and find meetings, phone contacts or chats.

Improvements to the dashboard will allow account administrators to view how their meetings are connected to Zoom data centres, which includes any data centres connected to HTTP Tunnel servers, as well as Conference Room Connectors and gateways.

The company has ploughed its resources into resolving a host of well-documented security issues which have arisen since the video conferencing platform was thrust into the spotlight following an explosion of user activity.

While many have opted to use the service in light of the coronavirus pandemic forcing employees to work from home, a string of organisations have instead banned the platform, including the Ministry of Defence (MoD) and Google.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

CMS platforms succumb to KashmirBlack botnet as businesses rush online
Security

CMS platforms succumb to KashmirBlack botnet as businesses rush online

22 Oct 2020
Government agencies see misconfigured cloud services as top security threat
Security

Government agencies see misconfigured cloud services as top security threat

22 Oct 2020
Lookout reveals mobile-first endpoint detection and response solution
Security

Lookout reveals mobile-first endpoint detection and response solution

21 Oct 2020
Cisco finds an increase in security concerns due to remote working
Security

Cisco finds an increase in security concerns due to remote working

21 Oct 2020

Most Popular

The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020