Zoom Forces V5.0 Update
In Midst Of Security Concerns
SKIP TO THE BIT YOU WANT :
In an email we just received from Zoom, who recently acquired Keybase (a security solution) they are informing users ;
Zoom 5.0 is live & ALL users will have to upgrade by 30th May 2020, when Zoom will be enabling GCM encryption across the entire Zoom platform, providing increased protection for meeting data.
With users looking for alternatives after yet another security issue, Zoom took, what others might see as drastic action, or a quick fix solution, by acquiring Keybase, with
The Goal of Developing the Most Broadly Used Enterprise End-to-End Encryption Offering.
Since its launch in 2014, Keybase’s team of exceptional engineers has built a secure messaging and file-sharing service leveraging their deep encryption and security expertise.
Zoom Sideswipes Facebook’s latest acquisition GIPHY
On web, users will see a
Temporary removal of GIPHY feature in Chat To ensure strong privacy protection for the users of GIPHY on Zoom Chat, Zoom is disabling the GIPHY integration on May 21, 2020. Once additional technical measures have been deployed, we will re-enable the feature.
What you may have missed…
What a lot of people in businesses and organisations ranging from solo entrepreneurs, all the way through to the UK Government may have missed, is the social etiquette that happens ‘behind closed doors‘ in the tech world.
Most companies will notify one another of vulnerabilities and give them a set period to address them before exposing them publicly.
This latest scandal is far from the first, and was much more prevalent than others because it affected Mac & PC users alike.
We have seen this with Facebook and other big companies before, sometimes the quickest and best way to avert a crisis situation is through acquisition of a company that has all the skills and IP you need to resolve your current issue.
That is what happened when Zoom acquired Keybase
This latest update is one you do not have a choice in if you wish to continue using Zoom‘s service as this is a required update!
Security Enhancements included in Zoom 5.0
User Experience & Controls
Security controls are now grouped together and found by clicking the Security icon on the host meeting menu bar.
These controls allow the host to enable or disable the ability for participants to:
Screen share || Chat || Rename Themselves
- “Report a User”
Hosts can report users to Zoom’s Trust & Safety team, who will review any potential misuse of the platform and take appropriate action.
- Enable Waiting Room
All hosts may now turn on the Waiting Rooms while their meeting is already in progress.
- Lock Meeting
Lock your meeting after everyone has arrived to prevent any unwanted disruptions.
- Remove Participants
The host may remove a participant and they will be unable to re-enter the meeting.
Additional Meeting Safeguards
Waiting Room enabled by default
Waiting Room, an existing feature that allows a host to keep participants in individual virtual waiting rooms before they are admitted to a meeting, is now on by default for education, Basic, and single-license Pro accounts. It is recommended best practice for all customers to turn on Waiting Rooms.
Complex Meeting IDs
Eleven digit unique meeting IDs are now in place. Meeting IDs are also removed from the content sharing window to prevent accidental sharing of meeting information.
Passwords & Password complexity
Meeting passwords are now more complex and enabled by default for most customers, including all Basic, single-license Pro, and K-12 customers. For administered accounts, account admins now have the ability to define password complexity (such as length, alphanumeric, and special character requirements).
Registration for meetings will allow you to have your participants register with their email, name, and other details to know more about attendees.
Enable meeting preset profiles that only allow entry to authenticated users, or restrict to specific email domains for Business, Enterprise or Education accounts.
All cloud recordings are encrypted with complex passwords on by default.
Turn this on to embed a user’s personal information into the audio as an inaudible watermark if they record during a meeting. If the audio file is shared without permission, Zoom can help identify which participant recorded the meeting.
Screen Share Watermark
Superimposes the image of a meeting participant’s email address onto shared content in the event a participant takes a screenshot.
Message Preview Options
Users can now enable Zoom Chat notifications to not show chat content while screen sharing.
Secure Account Contact Sharing
Zoom 5.0 supports a new data structure for larger organizations, allowing them to link contacts across multiple accounts so people can easily and securely search and find meetings, chat, and phone contacts.
Control Profile Picture
Host or account admin can disable the ability for participants to show their profile picture or change it in a meeting.
Data Center Information
Hosts can now select which data center regions they would like their in-meeting traffic to use when scheduling a meeting, and participants can see which data center they are connected to by clicking on the info icon at the top left of the client window.
5 Things You Should Know About Zoom 5.0:
- AES 256-bit GCM encryption
Zoom 5.0 supports our current encryption and GCM encryption. A system-wide account enablement to GCM encryption will occur on May 30, 2020, and only Zoom clients on version 5.0 or later, including Zoom Rooms, will be able to join Zoom Meetings starting May 30.
- Report a User feature
Meeting hosts and co-hosts can report a user in their meeting who is misusing the Zoom platform. Found in the Security icon, the option sends a report to Zoom’s Trust & Safety team for review. The report can include a specific offence, description, and optional screenshot. The Report a User function is on by default but can be turned off at the account, group, and user level in the Zoom web portal
- New encryption icon
A new encryption shield appears in the upper left of your Zoom Meeting window and indicates a secure, encrypted meeting. After May 30, the shield will be green for all users, denoting enhanced GCM encryption. Clicking the icon also takes you to the Statistics page for additional encryption details.
- Enhanced data cente information
Meeting hosts can now select data centre regions at the scheduling level for meetings and webinars. The Zoom client also shows which data centre you’re connected to in the Info icon in the upper left of your Zoom window. You can get additional details in-meeting by selecting Video Settings – Statistics in the meeting controls.
Additionally, if organisations outside of China did not opt in to the China data centre before the April 25 deadline, those accounts will not be able to connect to mainland China for data transit.
- Enhancements to ending/leaving meetings
We’ve refined the action of ending or leaving a Zoom Meeting to make it easier and also more secure. With a new UI update, hosts can clearly decide between ending or leaving a meeting. If the host leaves, they can now easily select a new host and have the confidence that the right person is left with host privileges.
Additional security enhancements
A few other recent Zoom security updates include:
- Profile picture control: Account admins and hosts can disable the ability for participants to show their profile picture and also prevent them from changing it in a meeting.
- Minimum password length: The minimum default password length will be six characters for meetings, webinars, and cloud recordings.
- Cloud recording security: Admins and meeting hosts can set expirations on their cloud recordings and can disable the sharing of their recordings
How does Zoom Make YOU Feel?
We would love to know how you feel about Zoom and the issues raised in this article and the media. Are you still using it or have you found a great alternative solution?
We are always on the lookout for new tools to test, try and endorse to our community, so please share your experiences with us.
- Do you still join Zoom meeting?
- Have you taken any additional precautions to safeguard yourself and your data?
- What is the best alternative you have used?