Zoom is certainly having a moment in popular culture. Zoom saw huge numbers of users flocking to its service for its ease of use but with convenience comes risks. We have covered Zoom’s issues exhaustively to the point we were writing about some problem or another everyday. Today at least we get to cover positive things like improvements that address privacy and security.
We recently reported on Zoom’s self-imposed 90-day new feature freeze, to address the many issues they have had.
The new 5.0 update includes a new security icon the groups all of Zoom’s security features in one easy to find place. The button can be used to lock meeting with a tap, remove participants, restrict screen sharing and chat in meetings.
Okay that’s good, what else. Zoom is making password mandatory by default. IT Admins will be able to define the password complexity for Zoom users in enterprises. Waiting room is also on by default for basic, single-license Pro and education users.
What about the infamous ‘Zoombombing?’
This is perhaps Zoom’s biggest foe to overcome and most of the updates are clearly geared toward vanquishing ‘Zoombombing.’ Zoombombing if you don’t know already is where someone with ill intent join Zoom calls and disrupt it with inappropriate content.
Zoom is upgrading its encryption to AES 256-bit encryption standard. That’s sounds good but still isn’t end-to-end encryption like they originally claimed. They haven’t gotten around to honoring their claim of end-to-end encryption, we may need to wait till their next update for that.
Data center choice
Business customers can now select which data center regions will manage their meeting traffic. This addressed concerns that some meeting data was being sent to servers in China.
Related Reading: More Zoom stories
Zoom 5.0 update details
- AES 256-bit GCM encryption: Zoom is upgrading to the AES 256-bit GCM encryption standard, which offers increased protection of your meeting data in transit and resistance against tampering. This provides confidentiality and integrity assurances on your Zoom Meeting, Zoom Video Webinar, and Zoom Phone data. Zoom 5.0, which is slated for release within the week, supports GCM encryption, and this standard will take effect once all accounts are enabled with GCM. System-wide account enablement will take place on May 30.
- Data routing control: The account admin may choose which data center regions their account-hosted meetings and webinars use for real-time traffic at the account, group, or user level.
- Security icon: Zoom’s security features, which had previously been accessed throughout the meeting menus, are now grouped together and found by clicking the Security icon in the meeting menu bar on the host’s interface.
- Robust host controls: Hosts will be able to “Report a User” to Zoom via the Security icon. They may also disable the ability for participants to rename themselves. For education customers, screen sharing now defaults to the host only.
- Waiting Room default-on: Waiting Room, an existing feature that allows a host to keep participants in individual virtual waiting rooms before they are admitted to a meeting, is now on by default for education, Basic, and single-license Pro accounts. All hosts may now also turn on the Waiting Room while their meeting is already in progress.
- Meeting password complexity and default-on: Meeting passwords, an existing Zoom feature, is now on by default for most customers, including all Basic, single-license Pro, and K-12 customers. For administered accounts, account admins now have the ability to define password complexity (such as length, alphanumeric, and special character requirements). Additionally, Zoom Phone admins may now adjust the length of the pin required for accessing voicemail.
- Cloud recording passwords: Passwords are now set by default to all those accessing cloud recordings aside from the meeting host and require a complex password. For administered accounts, account admins now have the ability to define password complexity.
- Secure account contact sharing: Zoom 5.0 will support a new data structure for larger organizations, allowing them to link contacts across multiple accounts so people can easily and securely search and find meetings, chat, and phone contacts.
- Dashboard enhancement: Admins on business, enterprise, and education plans can view how their meetings are connecting to Zoom data centers in their Zoom Dashboard. This includes any data centers connected to HTTP Tunnel servers, as well as Zoom Conference Room Connectors and gateways.
- Additional: Users may now opt to have their Zoom Chat notifications not show a snippet of their chat; new non-PMI meetings now have 11-digit IDs for added complexity; and during a meeting, the meeting ID and Invite option have been moved from the main Zoom interface to the Participants menu, making it harder for a user to accidentally share their meeting ID