Zoom 5.0 adds 256-bit encryption to address security concerns

Milestone update adds stronger host controls to prevent cyber incidents like Zoom-bombing

Zoom has rolled out a flagship update comprising data encryption and front-end security-centric functionality as part of the company’s 90-day plan to address privacy and security gaps. 

The company hopes the implementation of the 256-bit AES-GCM encryption standard in Zoom 5.0 will give users concerned over the security of meetings some reassurance that their data is protected from cyber criminals. 

Advertisement - Article continues below

With the added layer of encryption, Zoom Meeting, Zoom Video Webinar and Zoom Phone data will be protected against tampering, the company insists, with this latest update providing a level of confidentiality that wasn’t present in previous iterations.

The standard will take effect once all accounts are enabled with GCM, with system-wide account implementation set to take place on 30 May.

Zoom was previously criticised for not using end-to-end encryption to safeguard meetings despite claiming to on promotional materials.

The network improvement comes in addition to Control Data Routing, which allows account administrators to choose which data centre regions their account-hosted meetings and webinars use for real-time traffic. This measure was announced by the company earlier this month.

Meanwhile, the front-end user interface (UI) will be overhauled to include a host of additional functionality, from host controls to passwords for cloud recordings.

Advertisement
Advertisement - Article continues below

“We take a holistic view of our users’ privacy and our platform’s security,” said Zoom CPO Oded Gal. “From our network to our feature set to our user experience, everything is being put through rigorous scrutiny. On the back end, AES 256-bit GCM encryption will raise the bar for securing our users’ data in transit. 

Advertisement - Article continues below

“On the front end, I’m most excited about the Security icon in the meeting menu bar. This takes our security features, existing and new, and puts them front and centre for our meeting hosts. With millions of new users, this will make sure they have instant access to important security controls in their meetings.”

As part of the major update, users will be given a central security hub, which can be accessed through a security icon on the host’s interface. Hosts can, for the first time, report a user to Zoom, and disable the ability to participants to rename themselves, among other controls. The virtual waiting room, meanwhile, will be enabled by default so hosts can control who can enter meetings at all times.

Related Resource

Five essentials of a secure modern workplace

The CIO's guide to unleashing productivity whilst minimising risk

Download now

The latest version of Zoom will also support a new data structure for larger organisations, allowing them to link contacts across multiple accounts so people can seamlessly search and find meetings, phone contacts or chats.

Advertisement - Article continues below

Improvements to the dashboard will allow account administrators to view how their meetings are connected to Zoom data centres, which includes any data centres connected to HTTP Tunnel servers, as well as Conference Room Connectors and gateways.

The company has ploughed its resources into resolving a host of well-documented security issues which have arisen since the video conferencing platform was thrust into the spotlight following an explosion of user activity.

While many have opted to use the service in light of the coronavirus pandemic forcing employees to work from home, a string of organisations have instead banned the platform, including the Ministry of Defence (MoD) and Google.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement
Advertisement

Recommended

Visit/security/encryption/355820/k2view-innovates-in-data-management-with-new-encryption-patent
encryption

K2View innovates in data management with new encryption patent

28 May 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
Visit/security/cyber-security/355368/microsoft-builds-ai-to-detect-security-flaws-with-99-accuracy
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020
Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/security/data-breaches/355777/easyjet-faces-class-action-lawsuit-over-data-breach
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020