Zoom 5.0 adds 256-bit encryption to address security concerns

Milestone update adds stronger host controls to prevent cyber incidents like Zoom-bombing

Zoom has rolled out a flagship update comprising data encryption and front-end security-centric functionality as part of the company’s 90-day plan to address privacy and security gaps. 

The company hopes the implementation of the 256-bit AES-GCM encryption standard in Zoom 5.0 will give users concerned over the security of meetings some reassurance that their data is protected from cyber criminals. 

With the added layer of encryption, Zoom Meeting, Zoom Video Webinar and Zoom Phone data will be protected against tampering, the company insists, with this latest update providing a level of confidentiality that wasn’t present in previous iterations.

The standard will take effect once all accounts are enabled with GCM, with system-wide account implementation set to take place on 30 May.

Zoom was previously criticised for not using end-to-end encryption to safeguard meetings despite claiming to on promotional materials.

The network improvement comes in addition to Control Data Routing, which allows account administrators to choose which data centre regions their account-hosted meetings and webinars use for real-time traffic. This measure was announced by the company earlier this month.

Meanwhile, the front-end user interface (UI) will be overhauled to include a host of additional functionality, from host controls to passwords for cloud recordings.

“We take a holistic view of our users’ privacy and our platform’s security,” said Zoom CPO Oded Gal. “From our network to our feature set to our user experience, everything is being put through rigorous scrutiny. On the back end, AES 256-bit GCM encryption will raise the bar for securing our users’ data in transit. 

“On the front end, I’m most excited about the Security icon in the meeting menu bar. This takes our security features, existing and new, and puts them front and centre for our meeting hosts. With millions of new users, this will make sure they have instant access to important security controls in their meetings.”

As part of the major update, users will be given a central security hub, which can be accessed through a security icon on the host’s interface. Hosts can, for the first time, report a user to Zoom, and disable the ability to participants to rename themselves, among other controls. The virtual waiting room, meanwhile, will be enabled by default so hosts can control who can enter meetings at all times.

Related Resource

Five essentials of a secure modern workplace

The CIO's guide to unleashing productivity whilst minimising risk

Download now

The latest version of Zoom will also support a new data structure for larger organisations, allowing them to link contacts across multiple accounts so people can seamlessly search and find meetings, phone contacts or chats.

Improvements to the dashboard will allow account administrators to view how their meetings are connected to Zoom data centres, which includes any data centres connected to HTTP Tunnel servers, as well as Conference Room Connectors and gateways.

The company has ploughed its resources into resolving a host of well-documented security issues which have arisen since the video conferencing platform was thrust into the spotlight following an explosion of user activity.

While many have opted to use the service in light of the coronavirus pandemic forcing employees to work from home, a string of organisations have instead banned the platform, including the Ministry of Defence (MoD) and Google.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Nearly seven in ten CISOs expect a ransomware attack
ransomware

Nearly seven in ten CISOs expect a ransomware attack

19 Oct 2021
Acer Taiwan falls victim to cyber attack
hacking

Acer Taiwan falls victim to cyber attack

18 Oct 2021
Marsh McLennan reveals its cyber risk analytics center
risk management

Marsh McLennan reveals its cyber risk analytics center

15 Oct 2021
£100 contactless payment limit could place shoppers at risk, warn industry experts
Policy & legislation

£100 contactless payment limit could place shoppers at risk, warn industry experts

15 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021
What is cyber warfare?
Security

What is cyber warfare?

15 Oct 2021