Zoom Introduces End-to-End Encrypted Phone Calls | SecurityWeek.Com
Starting last year, the television calling platform has been offering E2EE in Zoom Meetings, and it is now fix to make it available for one-on-one telephone conversations made through the Zoom client a well .
once the new have is available, users will see a “ More ” choice during earphone calls, allowing them to turn on encoding, which will be activated closely instantaneously. Users will besides have the choice to check E2EE condition by providing a unique security system code to one another .
The video conversation platform plans to make the E2EE feature available in Zoom Phone in the issue forth class.
additionally, the company has announced a Bring Your own Key ( BYOK ) volunteer catered to those customers that need to planning and manage their own encoding keys in order to meet stern conformity requirements .
“ With our BYOK put up, both Zoom and the customer are creditworthy for establishing a security model, ” Zoom says .
BYOK, the company explains, is meant for securely storing large assets, preferably than real-time use cases, such as video cyclosis .
With the sport enabled, a customer master samara ( CMK ) will be stored in a key management system ( KMS ) in AWS, which will be unavailable to Zoom. The video conferencing platform will interact with the KMS to fetch data keys to encrypt and decrypt assets before they are written to long-run memory .
“ Zoom will not store plaintext data keys in long-run data repositing, ” the platform says .
BYOK will become available in beta in the come months, allowing users to store recordings of Zoom Meetings and Zoom Video Webinars, and calendar for Zoom Rooms, angstrom well as Zoom Phone voicemails and recordings.
The newly announced Verified Identity, Zoom explains, is meant to bring attestation and authentication to the Zoom know. Developed in collaboration with Okta, it will allow the platform to verify users as they join zoom Meetings .
When in a meet, users will be able to share with others verified profile information such as mention, e-mail, and caller domain. Meeting hosts will have the option to remove participants that are not verified or for which the expose information doesn ’ thymine seem decline .
The feature of speech will become available next class, marking the first gradation in “ Zoom ’ s long-run identity attestation and confirmation first step scheme, ” the company says .
Related: CISO Conversations: Zoom, Thycotic CISOs Discuss the CISO Career Path
Related: Details Disclosed for Zoom Exploit That Earned Researchers $200,000
Read more: A Few Thoughts on Cryptographic Engineering
Related: Zoom Is 16th CVE Numbering Authority Appointed in 2021
Tags: