Zoom has released security-focused updates designed to protect users from advanced threats. At the annual Zoomtopia conference, the company announced three important innovations: end-to-end encryption (E2EE) for Zoom Phone, a new private key (BYOK) feature, and an identity verification system.
The company says the new features will extend existing protection (such as E2EE for Zoom calls) and hope to contribute somewhat to erase past security issues from memory. “Zoom strives to be a trust-based platform for trust between users, online interactions and trust in our services. Multiple encryption options and identity verification help build that trust and are a key part of our evolving security strategy.” – wrote Karthik Raman, Senior Product Manager
Perhaps the most significant of the security features announced at Zoomtopia is the identity verification program, which has been described as the beginning of a new long-term strategy. Under the program, which was developed in collaboration with the Okta identity management company, users must verify their identity before joining a meeting. Users will be verified by evaluating a combination of multiple data points, including account credentials, security issues, multi-factor authentication, and device ID.
After logging in, a blue check mark appears in the contact list. next to their name, which indicates that they have successfully passed the identity check. “As social engineering and phishing attacks become more sophisticated, protecting personal information is more important than ever. Identity authentication and verification can help determine if a guest in a meeting is really who they say they are,” Raman explained. According to him, this allows customers to freely share confidential information through Zoom calls, knowing that no intruders are present.
The BYOK (Bring Your Own Key) service, meanwhile, is designed to meet extensive compliance requirements. enable companies to better protect high values (such as meeting recordings). Registrant customers take control of a key management system within AWS that contains a master key that cannot be accessed by any other party, including Zoom itself.
Finally, Zoom end-to-end encryption offers Zoom Phone for your cloud-based phone system. According to the company, this feature provides protection against one-to-one calls against server compromise. Zoom Phone’s new identity verification system and E2EE will go live “sometime next year”, while a beta version of the BYOK service will be introduced in the coming months.
Hardware, software, tests, curiosities and color news by clicking here
