Further Securing Zoom Meetings
In an effort to ensure the security of our online meetings, ICANN is making several changes to our Zoom configuration. The majority of these changes are behind the scenes and will not greatly impact a typical user’s experience in Zoom. However, there are a few important updates to take note of.
The largest update is the one to the Zoom client, which was released on Monday, 27 April. This patch, dubbed Zoom 5.0, includes an overhaul of the encryption used in the Zoom application. Zoom will no longer operate using 128 or 256-bit ECB encryption, generally considered to be a weak method, and will instead make use of 256-bit GCM encryption, a stronger and far more preferable method of encryption. For a full breakdown on the type of encryption Zoom 5.0 uses, as well as any of the other updates in Zoom 5.0, we’d recommend taking a look at Zoom’s documentation.
Zoom plans to cut overall service to Zoom 5.0, and will be requiring users to update by 30 May 2020. Zoom will be working diligently over the course of this month to ensure that their immense user base is moved over to 5.0 as smoothly as possible.
On the individual account level, Zoom has made available the option to upgrade our own instance before the 30 May deadline, and ICANN has decided to do so. Our primary motivation is, simply put, increasing the security of our online meetings. By moving to GCM encryption, we are taking the best possible step towards ensuring peace of mind whenever we join a Zoom call.
Further, we intend to perform stringent testing of the new version of Zoom prior to ICANN68. Our goal is to hold yet another successful virtual meeting under even more physical restrictions than those we faced during ICANN67. The sooner we begin this testing the better, as it gives us more time to work out any kinks in the system. With this in mind, we are moving swiftly, and all users joining ICANN Zoom meetings will be required to update to Zoom 5.0 no later than 6 May. Updates are available for all platforms and can be accessed on Zoom’s download page.
We have made a number of alterations to our account settings as well. The most impactful change is the new requirement that all meetings be secured with a password. This is the first step recommended by security professionals to keep meetings secure, and one which we had largely adopted org-wide prior to making it a requirement for all. We will make another announcement in the coming weeks regarding how this may impact joining meetings during ICANN68, as we work towards the best overall solution.
If you have any questions about other changes to our account, or about Zoom in general, please get in touch with your usual staff liaisons or email firstname.lastname@example.org. We will make sure you get the answers you are looking for.