Zoom 5.0 adds 256-bit encryption to address security concerns

Milestone update adds stronger host controls to prevent cyber incidents like Zoom-bombing

Zoom has rolled out a flagship update comprising data encryption and front-end security-centric functionality as part of the company’s 90-day plan to address privacy and security gaps. 

The company hopes the implementation of the 256-bit AES-GCM encryption standard in Zoom 5.0 will give users concerned over the security of meetings some reassurance that their data is protected from cyber criminals. 

With the added layer of encryption, Zoom Meeting, Zoom Video Webinar and Zoom Phone data will be protected against tampering, the company insists, with this latest update providing a level of confidentiality that wasn’t present in previous iterations.

The standard will take effect once all accounts are enabled with GCM, with system-wide account implementation set to take place on 30 May.

Zoom was previously criticised for not using end-to-end encryption to safeguard meetings despite claiming to on promotional materials.

The network improvement comes in addition to Control Data Routing, which allows account administrators to choose which data centre regions their account-hosted meetings and webinars use for real-time traffic. This measure was announced by the company earlier this month.

Meanwhile, the front-end user interface (UI) will be overhauled to include a host of additional functionality, from host controls to passwords for cloud recordings.

“We take a holistic view of our users’ privacy and our platform’s security,” said Zoom CPO Oded Gal. “From our network to our feature set to our user experience, everything is being put through rigorous scrutiny. On the back end, AES 256-bit GCM encryption will raise the bar for securing our users’ data in transit. 

“On the front end, I’m most excited about the Security icon in the meeting menu bar. This takes our security features, existing and new, and puts them front and centre for our meeting hosts. With millions of new users, this will make sure they have instant access to important security controls in their meetings.”

As part of the major update, users will be given a central security hub, which can be accessed through a security icon on the host’s interface. Hosts can, for the first time, report a user to Zoom, and disable the ability to participants to rename themselves, among other controls. The virtual waiting room, meanwhile, will be enabled by default so hosts can control who can enter meetings at all times.

Related Resource

Five essentials of a secure modern workplace

The CIO's guide to unleashing productivity whilst minimising risk

Download now

The latest version of Zoom will also support a new data structure for larger organisations, allowing them to link contacts across multiple accounts so people can seamlessly search and find meetings, phone contacts or chats.

Improvements to the dashboard will allow account administrators to view how their meetings are connected to Zoom data centres, which includes any data centres connected to HTTP Tunnel servers, as well as Conference Room Connectors and gateways.

The company has ploughed its resources into resolving a host of well-documented security issues which have arisen since the video conferencing platform was thrust into the spotlight following an explosion of user activity.

While many have opted to use the service in light of the coronavirus pandemic forcing employees to work from home, a string of organisations have instead banned the platform, including the Ministry of Defence (MoD) and Google.

Featured Resources

How to be an MSP: Seven steps to success

Building your business from the ground up

Download now

The smart buyer’s guide to flash

Find out whether flash storage is right for your business

Download now

How MSPs build outperforming sales teams

The definitive guide to sales

Download now

The business guide to ransomware

Everything you need to know to keep your company afloat

Download now

Recommended

New report highlights the need for diversity in cyber security recruitment
cyber security

New report highlights the need for diversity in cyber security recruitment

28 Apr 2021
GitHub now supports security keys in a move away from passwords
Security

GitHub now supports security keys in a move away from passwords

12 May 2021
Cyber attacks on manufacturing up 300% in a year
Security

Cyber attacks on manufacturing up 300% in a year

11 May 2021
US fuel pipeline hackers reveal their motive
ransomware

US fuel pipeline hackers reveal their motive

11 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021