Zoom will offer stronger encryption for paid accounts
The plans have been confirmed by the company's security consultant Alex Stamos
Zoom is planning to roll out stronger encryption for businesses and institutions that pay for its service.
Zoom’s security consultant Alex Stamos, who was poached by the company in early April, has confirmed the news but added that the plan was subject to change.
According to Reuters, Stamos has not yet decided whether stronger security measures could also potentially be rolled out for non-profit organisations or users in need of an extra layer of protection, such as political dissidents.
“At the same time that Zoom is trying to improve security, they are also significantly upgrading their trust and safety,” Stamos told Reuters in an interview published yesterday.
“The CEO is looking at different arguments. The current plan is paid customers plus enterprise accounts where the company knows who they are.”
He added that providing full encryption for every meeting would leave Zoom’s trust and safety team unable to add itself as a participant in gatherings to tackle abuse in real-time.
Zoom hired former Facebook security chief Stamos following numerous security incidents which threatened the immense popularity of the video conferencing platform, such as ‘Zoom-bombing’, which led to numerous companies and institutions banning the use of the platform.
Zoom attracted millions of users and became the most popular video conferencing platform globally. With the majority of its audience using the free version of the platform, Zoom might be trying to increase the number of its paid users and regain the trust of businesses by promising a higher level of security for its paid subscription models.
However, a similar announcement from Facebook, which plans to implement end-to-end encryption across all of its messaging systems, has garnered criticism from its shareholders.
Zoom had been previously criticised for not using end-to-end encryption despite specifically stating that it does on its website. The company finally implemented the 256-bit AES-GCM encryption standard in late April.
Defending against malware attacks starts here
The ultimate guide to building your malware defence strategyFree Download
Datto SMB cyber security for MSPs report
A world of opportunity for MSPsFree Download
The essential guide to preventing ransomware attacks
Vital tips and guidelines to protect your business using ZTNA and SSEFree Download
Medium businesses: Fuelling the UK’s economic engine
A Connected Thinking reportFree Download