Who is responsible for cybersecurity? Is it…A. Employees B. Executives C. Users D. All of the above
For those that answered D. “All of the above,” you’re correct and already aligned with this year’s Cybersecurity Awareness Month theme, “See Yourself in Cyber.” The theme reflects that cybersecurity is about all of us — it boils down to people, with the responsibility equally falling on both those that build technology and those using it.
That’s why we at Zoom strive to make security accessible for everyone. We’ve created a wide variety of easy-to-use features and tailored resources that can help you safeguard your information while maintaining the flexible, reliable Zoom experience. Here are a few recent ones:
Recent features and offerings
Zoom Customer Managed Key (CMK): As our newest advanced security offering, CMK is designed to help you address stricter compliance requirements or other needs, equipping you with the ability to protect certain data stored at rest within the Zoom Cloud infrastructure using your own encryption keys.
End-to-end encryption for Zoom Phone and Breakout Rooms: Our optional end-to-encryption (E2EE) feature has recently expanded to Zoom Phone and is coming soon to Breakout Rooms.
- Zoom Phone: You will have a new option to upgrade to E2EE during one-on-one Zoom Phone calls between users on the same Zoom account that occur via the Zoom client. During a call, you can select “More” and see an option to elevate the session to an end-to-end encrypted phone call. The upgrade takes a second and helps add an extra layer of privacy to your phone calls occurring over Zoom.
- Breakout Rooms (coming soon): E2EE for Breakout Rooms will be the same experience as a standard E2EE meeting, except each breakout room will get its own unique meeting encryption key. You can use this feature when you need to add an extra layer of security to important, private conversations, or just want to get certain people together during an E2EE meeting.
Account Theft Protection: This feature helps us determine if the login and password used for your Zoom account may have been compromised on another service and if so, we send you a notification and prompt you to reset your password within one day. If the password is not reset in 24 hours, we will force a logout for your account in an effort to proactively prevent account takeovers. This helps prevent cybercriminals from potentially using your compromised credentials to access your Zoom account.
One-time password (OTP): If we detect a suspicious login — when you log in from a different location or device than usual — this feature asks you to enter a one-time password that is sent to your email address. This applies to those who use a work email to log in and do not have two-factor authentication enabled.
In addition to these recent features, we offer an aggregate of controls that you can use to add an extra layer of security to your Zoom experience. These include:
- Single sign-on (SSO)
- Two-factor authentication
- Automatic updates
- In-meeting security controls
- Advanced chat encryption
And many more.
Resources and training
Zoom Trust Center: Our Trust Center is a one-stop shop for assets about Zoom compliance, privacy, safety, and security. It includes compliance and corporate governance resources, a detailed privacy overview, privacy resources, security resources and certifications, a detailed trust and safety overview, trust and safety policies, and more.
Zoom Security Basics: On the Zoom Learning Center, you can take a free, interactive course to learn how to deploy immediate safety and security features to help protect participants on Zoom. By the end of this on-demand course, you’ll be able to:
- Prevent: Configure a Waiting Room, require a passcode, require authentication
- Act: Lock a Meeting, remove a participant, suspend all participant activities
- Report: Report to Zoom Trust & Security
A united front
You shouldn’t use Zoom without security controls the same way you shouldn’t drive a car without a seatbelt. Speed and flexibility can’t come without safety, which is why we all must see ourselves in cyber.
It’s on all of us to make smart decisions, no matter what you do or where you are. At Zoom, we strive to complement new security innovation with relevant education so customers know how to use our platform to secure their communications effectively. When technology and awareness go hand-in-hand, we’re all in a better position to do our part in making the internet a safer place.
To learn more about Zoom’s approach to security and privacy, explore our Trust Center. And get more details on the National Cybersecurity Alliance, which Zoom supports as a Cybersecurity Awareness Month champion organization.