Zoom plans to verify your identity before every meeting
Zoom emphasizes commitment to security with slew of updates
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Zoomhas lifted the lid on a selection of security-focused updates designed to shield users from advanced threats.
At its annual Zoomtopia conference, thevideo conferencingcompany announced three major new additions: end-to-end encryption (E2EE) for Zoom Phone, a new bring your own key (BYOK) service and an identity verification scheme.
The company says the new features will expand upon protections already in place (such as E2EE for Zoom calls), and will hope they also go some way to erasing its pastsecurity hiccupsfrom memory.
“Zoom strives to be a platform built on trust - trust between users, trust in online interactions and trust in our services,” wrote Karthik Raman, Principal Product Manager.
“Multiple encryption options and identity verification help build the foundation for that trust, and are a key part of our evolving security strategy.”
Zoom security updates
The most significant of the security features announced at Zoomtopia is perhaps the identity verification program, which was described as the start of a new long-term strategy.
Under this scheme, which is being developed in partnership withidentity managementcompany Okta, users will be asked to verify their identity before joining a meeting. The system will vet users by assessing a combination of data points, including account credentials, security questions, multi-factor authentication, device ID and more.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Once inside, a blue checkmark will appear next to their name in the roster to show they have successfully passed identity checks.
“With social engineering and phishing attacks becoming more sophisticated, protecting personal information is more important than ever. Identity authentication and attestation can help determine if a meeting guest is who they say they are,” explained Raman.
This way, he says, customers can freely share classified information over Zoom calls in the knowledge that no intruders are present.
The BYOK service, meanwhile, is designed to give companies with extensive compliance requirements a way to protect large assets (such as meeting recordings) more effectively. Customers that enroll will take control of a key management system within AWS, which will contain a master key that no other party can access - including Zoom itself.
And finally, Zoom is bringing end-to-end encryption to Zoom Phone, itscloud phone system. The company says the feature will add a layer of protection to one-on-one calls by shielding against server compromise.
The new identity verification scheme and E2EE for Zoom Phone will come into effect “some time next year”, while a beta for the BYOK service will roll out over the next few months.
Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.
7 myths about email security everyone should stop believing
Best Usenet client of 2024
Black Friday is here: Sony XM5 over-ears drop to their lowest-seen price – act fast!
