Zoom releases new version with security, privacy enhancements

After stinging complaints about security issues Zoom Video Communications will release over the next seven days a new version of its conferencing platform as part of a 90-day plan promising to boost privacy and security.

Among the enhancements, Zoom 5.0 adds support for AES 256-bit GCM encryption, which the company says will increase protection for meeting data and resistance against tampering. However, in the future a totally new cryptographic design will be implemented that “greatly reduces risk to Zoom’s system,’ the company says.

“We will earn our customers’ trust and deliver them happiness with our unwavering focus on providing the most secure platform,” CEO Eric S. Yuan said in a statement.

At the beginning of April, as employees of thousands of companies around the world forced to start working from home, reporters and security analysis began looking closely at Zoom and other video and audio conferencing platforms. Many didn’t like what they saw, particularly at Zoom because it was one of the most popular choices of new home-based workers.

That prompted Yaun to acknowledge falling short on security and privacy and promising to will shift all of its software engineering resources over the next three months to focus on trust, safety and privacy issues, as well as conduct a comprehensive product review with third-party experts.


How to secure Zoom, Webex


The first moves made earlier this month included making passwords mandatory for meetings and enabling a Waiting Room — where a host can screen attendees before going live — by default. Zoom 5.0’s new feature set is part of a second wave. In addition to tougher encryption, the changes include

  • Control Data Routing: The account admin may choose which data centre regions their account-hosted meetings and webinars use for real-time traffic at the account, group, or user level
  • A new “Security” icon: Zoom’s security features, which had previously been accessed throughout the meeting menus, are now grouped together and found by clicking the Security icon in the meeting menu bar on the hosts’ interface
  • Robust host controls: Hosts will be able to “Report a User” to Zoom via the Security icon. They may also disable the ability for participants to rename themselves. For education customers, screen sharing now defaults to the host only
  • Passwords: For administered accounts, account admins now have the ability to define password complexity (such as length, alphanumeric, and special character requirements). Additionally, Zoom Phone admins may now adjust the length of the pin required for accessing voicemail
  • Cloud recordings passwords: Passwords are now set by default to all those accessing cloud recordings aside from the meeting host and require a complex password. For administered accounts, account admins now have the ability to define password complexity;
  • Secure Account Contact Sharing: Zoom 5.0 will support a new data structure for larger organizations, allowing them to link contacts across multiple accounts so people can easily and securely search and find meetings, chat, and phone contacts
  • Dashboard enhancement: Admins on business, enterprise, and education plans can view how their meetings are connecting to Zoom data centres in their Zoom Dashboard. This includes any data centers connected to HTTP Tunnel servers, as well as Conference Room Connectors and gateways

Users may also now opt to have their Zoom Chat notifications not show a snippet of their chat; new non-PMI meetings now have 11-digit IDs for added complexity; and during a meeting, the meeting ID and Invite option have been moved from the main Zoom interface to the Participants menu, making it harder for a user to accidentally share their meeting ID.


Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including ITBusiness.ca. Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs