Zoom Update 5.0 Brings Key Security And Privacy Features Following Public Missteps

Zoom
Users have been having a love-hate relationship with Zoom, the popular video conferencing application that has a seen a surge in activity since the COVID-19 outbreak. The startup was not quite prepared for the influx of mainstream users, and Zoom's CEO admitted to some security and privacy "missteps." Some of those have been addressed in a new Zoom 5.0 software update.

The update is part of Zoom's previously announced 90-day plan to identify and address security and privacy issues. Part of that entails adding support for AES 256-bit GCM encryption. It's still end-to-end encryption, but should make Zoom meetings more secure.

“I am proud to reach this step in our 90-day plan, but this is just the beginning. We built our business by delivering happiness to our customers. We will earn our customers’ trust and deliver them happiness with our unwavering focus on providing the most secure platform,” said Eric S. Yuan, CEO of Zoom.

Bolstered encryption is one of two updates on the network side. The other is a feature called Control Data Routing. This enables account admins to select which data center regions their hosted meetings and webinars use for real-time traffic at the account, group, or user level, Zoom explained a blog post.

The Zoom 5.0 software update also added and/or improved a host of user side functions. For example, security features are now grouped together and accessible by clicking a Security icon in the meeting menu bar, rather than being scattered throughout the menus. This is also where a host can now report a user and disable the ability for participants to rename themselves.

Zoom's developers also focused on some areas specific to schools, to address concerns that meetings could be (and had been) infiltrated by people who would then post inappropriate images and remarks, an illegal practice known as Zoombombing. One of the key changes with the 5.0 update is that the Waiting Room feature is turned on by default. This plops newcomers into a virtual waiting room before they are admitted into a meeting, giving admins the opportunity to weed out potential troublemakers.

While Zoom has faced heavy criticism (and a class-action lawsuit) over its security and privacy lapses, it's now garnering some praise for its recent actions.

"When faced with questions over security and privacy, Zoom reacted quickly and very publicly to the challenges, including their CEO holding weekly public security briefings," said Wayne Kurtzman, IDC Research Director for Social, Communities, and Collaboration. "Zoom was also quick to take actions on changing the defaults that helped address meeting privacy concerns, as well as setting a 90-day plan for deeper actions, and communicating it publicly."

Anyone who is already running Zoom is encouraged to update it to the latest release. It can be found at zoom.com/download.