Posts

About Zoom Security

Written by Daman Grewal on April 30, 2021

I have been receiving a lot of questions regarding Zoom security. I want to make sure all of you are aware that over the past few days, Zoom has made handful of changes to encrypt data and prevent Zoombombing.

Below are some useful links provided by Zoom highlighting the recently made changes to protect end user data, encryption, and securing of virtual classrooms.

Additionally, see this guide for best Zoom security practices from the California Community Colleges Information Security Center.

New and Enhanced Features

User Features 

  • Enhanced data privacy notice: In-context user education for various features, such as viewing a cloud recording, informs the user who can see, save, and share the information before they provide it. 
  • UI enhancement for webinar practice session: Webinar hosts that enable the practice session will see a Start Practice Session button when viewing their webinar details instead of a Start Webinar button. 

Administrator Features

  • Enhancement to cloud recording reports: Account owners and admins can increase the reporting range up to one year and generate reports for multiple sub-accounts. 
  • Allow all or selected emojis for meeting reactions: If the meeting reactions feature is enabled, account owners and admins can allow meeting participants to use all emojis or a predefined set of six emojis. This feature requires client version 5.6.3 or higher. 

Web Client Features

  • Enhanced data privacy notice: In-context user education for various features, such as polling, Q&A, chat, whiteboard, closed captioning, and others, informs the user who can see, save, and share the information before they provide it. 

Updates to Zoom Desktop Client

New and Enhanced Features

General Features

  • Enhanced Untrusted Service Certificate alerts for WIndows, macOS, Linux, Android, and iOS: Untrusted Service Certificate alerts will now provide additional information about the error, such as the server name on the certificate is incorrect, failed revocation check, untrusted certifying authority, or an invalid certificate or associated chain. Users will also be able to view the certificates to assist in troubleshooting.
  • Enhanced data privacy notices for Windows, macOS, Linux, Android, and iOS: See Web Portal > Web Client Features section. 

Meeting/Webinar Features

  • Vanishing Pen for Windows, macOS, and Linux: This new annotation tool will allow annotators to make on the shared screen to highlight certain information, but the markings will fade away within a couple of seconds. 

Meeting Features 

  • Full suite of emojis for Reactions for Windows, macOS, Linux, Android, and iOS: Available in client version 5.2.0 or higher, all emojis available for Zoom chat can now be used as a reaction in a meeting. Hosts can restrict reactions to the standard set or allow use of the full suite. 

Chat Features 

  • Enhancements to deactivate user visibility for Windows, macOS, Linux, Android, and iOS: Deactivated users will no longer be searchable, unless there is existing chat history with that user. Profile information and available interaction options will be reduced in line with their diminished user status. Deactivated users will be listed at the bottom of any contact list or group. 

Phone Features

  • Recover call history, voicemail, and recordings for Windows, macOS, Linux, Android, and iOS: If enabled by the admin, users can restore their soft-deleted history, voicemail, or recording within 30 days. After that, it will be permanently deleted from the account. This feature needs to be enabled by Zoom.

Updates to Zoom Phone

New and Enhanced Features

Administrator Features

  • Enhancements to call queue real-time analytics and historical dashboard: With newly added “available” status, account owners, admins, and queue members with the Power Pack add-on can view the number of members who are available to receive call notifications from the call queue. They can also select a date range of up to one year for historical reports.

Changes to existing features

  • Waiting Room participants viewable in Participants List
    If a SIP/H.323 device joins the meeting using the Host Key, the Participants List will also include participants who are still in the Waiting Room. Participants in the waiting room will be denoted with stars next to the name.
  • Received reactions viewable on main meeting screen
    Reactions sent by participants will now be displayed in the top corner of the sending participant’s video tile, when viewed from a SIP/H.323 device. Currently only Clapping Hands, Thumbs Up, Heart, Tears of Joy, Open Mouth, and Party Popper (Tada, Celebration) will be displayed.
  • Enhanced data privacy notices
    In-context user education for various features, such as Live Transcription, Recording, and Webinar attendee status.

Resolved issues

  • Fixed an issue where latency was displayed as 0 for devices connecting via the Cloud Room Connector.
  • Minor bug fixes

New updates for the Outlook plugin

  • Select data center regions when scheduling a meeting – Windows, macOS
  • Users can now select which data center regions they would like their in meeting traffic to use when scheduling on the Zoom web portal. 
  • Enable Waiting Room when scheduling a meeting – macOS
  • Users can now enable Waiting Room on a meeting by meeting basis when scheduling. 

For more information and resources in the days to come please be sure to update to Zoom’s latest release to take advantage of these new features, and subscribe to their Blog!

New Updates to Client

General Features 

  • Enhanced scheduling with default settings: Scheduling a new meeting will always check the user’s web settings and use those as the default. Any changes from the default will be saved for that meeting only.
  • Studio Effects: Users can now apply eyebrows, mustache and beard, and lip color filters as part of their video appearance. This feature is currently in beta and can be accessed from your backgrounds and filters tab.

Meeting/Webinar Features

  • Roll-Up Closed Captioning: Closed captioning will now roll up as new captions are added. Users can also move through captioning by dragging the text.
  • Virtual Background not compatible explanation: When you are unable to use the virtual background feature, the desktop client will provide clarification; for example, the i7-5500U processor is not currently compatible with this feature.
  • Self-Select Breakout Rooms: The host can now create breakout rooms with the option for participants to self-select which breakout room they would like to join. If enabled, participants can move freely between breakout rooms without the host’s help. Both the meeting host and participants need to be on Client 5.3.0 or later to self-select Breakout Rooms.

Chat Features

  • Enhanced Search: Desktop users can filter by order, sent by, and date filters for file search. Mobile users can filter by order for file search. All image search results will display as thumbnail previews. Channel and contact results will also be split into their own categories. Users can also clear the list of recent searches.
  • Mark as Unread for images and files: Transferred files and images can be marked as unread separately from the message.