Video conferencing platform Zoom, after days and weeks of bans, criticisms, hacks and what not, has publicly released an updated, security-focused version of the platform. The new version, dubbed ‘Zoom 5.0’ is an end-product of the company’s ambitious 90-day security resolution plan that it had announced when the first major security loophole came into public limelight. The company also announced, that despite all that we have read in the news so far, Zoom continues to grab in more users meeting participants, with count crossing 300 million.
The new version is purely focused on enhancing user security and does not add any new features, in line with Zoom CEO Eric S. Yuan’s announcement a few back.
To start with, the platform has now adopted to the latest, AES 256-bit GCM encryption standard. Zoom 5.0, which is slated for release within the week, supports GCM encryption, and this standard will take effect once all accounts are enabled with GCM. System-wide account enablement will take place on May 30.
While encryption gets beefed up, Zoom is now also offering meeting admins, the ability to choose their data center regions. The account admin may choose which data center regions their account-hosted meetings and webinars use for real-time traffic at the account, group, or user level. This will be a crucial addition, since most of Zoom’s criticism so far has been around its uninformed routing of calls through sub-par servers in China.
Users will now also be able to access all of the platform’s security features through a new, dedicated section. These are now grouped together and found by clicking the Security icon in the meeting menu bar on the host’s interface. User passwords for meetings are also being reinforced with added complexities. Meeting passwords, is now on by default for most customers, including all Basic, single-license Pro, and K-12 customers. For administered accounts, account admins now have the ability to define password complexity.
In terms of admin controls, waiting room feature, that Zoom brought after much controversy, will now be a default. Admins will now also be able to report users via the Security icon. They may also disable the ability for participants to rename themselves.
Additional security enhancements include allowing users to have their Zoom Chat notifications not show a snippet of their chat. All new non-PMI meetings now have 11-digit IDs for added complexity, and during a meeting, the meeting ID and Invite option have been moved from the main Zoom interface to the Participants menu. This has been done to avoid those accidental sharing of meeting IDs that happens quite often.
These measures come after an ever-increasing number of bans and advisories, including those from government institutions, have come against Zoom. More recently, Indian Government’s cybsersecurity arm issued an advisory, terming Zoom an ‘unsafe’ platform. Prior to that, the Singapore and US governments had also issued partial bans and advisories against Zoom.