Zoom is living up to its namesake in its responsiveness in addressing security and privacy issues that users have identified in its product. While the upcoming release of the 5.0 update addresses many initial concerns, the product still does not offer end-to-end encryption.
Source: Zoom Hits Milestone on 90-Day Security Plan, Releases Zoom 5.0. Published April 22, 2020.
The notable security and privacy enhancements in Zoom 5.0, and the advantages that each feature brings, are listed below:
Please refer to Zoom’s blog article Zoom Hits Milestone on 90-Day Security Plan, Releases Zoom 5.0 for additional information on these, and other enhancements in Zoom version 5.0.
Unfortunately, while the product’s meeting control and network transport is much more secure, the product still does not have end-to-end encryption.
It is commendable to see Zoom delivering on its promise to enhance product security in such a rapid manner within their 90-day enhancement freeze period.
The lack of end-to-end encryption, however, is disappointing, even with the additional enhancements in data-in-transit security. That said, the ability for meeting hosts to select the data center region for the hosting of meetings should offer some peace of mind for organizations concerned about their communications hosted on servers in countries where data privacy laws are not formally defined.
Zoom administrators should note that this is an update to the Zoom client software, and therefore the installation must occur on user workstations. This may prove to be a challenge during the current COVID-19 lockdown and work-from-home mandate. It would be helpful if Zoom built in the ability for Zoom administrators to push out client updates to all users of Zoom business accounts. In the interim, organizations should consider company-wide communication to all Zoom business users with upgrade instructions.