It's Here! 5 Things to Know About Zoom 5.0

We’re excited to share that Zoom 5.0 is now generally available! This release delivers one of our most advanced security enhancements to date with support for 256-bit AES-GCM encryption, which provides added protection for meeting data and greater resistance to tampering.

So, what does this new encryption algorithm mean for you, and what other security functionality should users be aware of in this new release? Here are 5 things you should know about Zoom 5.0:

Zoom 5.0 supports 256-bit AES-GCM encryption. A system-wide account enablement to 256-bit AES-GCM encryption will occur on May 30, 2020, and only Zoom clients on version 5.0 or later, including Zoom Rooms, will be able to join Zoom Meetings starting May 30.

Meeting hosts and co-hosts can report a user in their meeting who is misusing the Zoom platform. Found in the Security icon, the option sends a report to Zoom’s Trust & Safety team for review. The report can include a specific offense, description, and optional screenshot. The Report a User function is on by default but can be turned off at the account, group, and user level in the Zoom web portal.

A new encryption shield appears in the upper left of your Zoom Meeting window and indicates the encryption status of the meeting. After May 30, the shield will be green for all users, denoting 256-bit AES-GCM encryption. Clicking the icon also takes you to the Statistics page for additional encryption details.

Meeting hosts can now select data center regions at the scheduling level for data in transit. Data in transit, or data in motion, is data actively moving from one location to another such as across the internet or through a private network. Data at rest is data that is not actively moving from device to device or network to network such as data stored in a cloud data center. The Zoom client also shows which data center you’re connected to in the Info icon in the upper left of your Zoom window. You can get additional details in-meeting by selecting Video Settings - Statistics in the meeting controls.

Additionally, if organizations outside of China did not opt in to China data routing before the April 25 deadline, their meeting data will not be routed through mainland China servers for meetings hosted by those accounts.

We've refined the action of ending or leaving a Zoom Meeting to make it easier and also more secure. With a new UI update, hosts can clearly decide between ending or leaving a meeting. If the host leaves, they can now easily select a new host and have the confidence that the right person is left with host privileges.

A few other recent Zoom security updates include: 

• Profile picture control: Account admins and hosts can disable the ability for participants to show their profile picture and also prevent them from changing it in a meeting.
• Minimum password length: The minimum default password length will be six characters for meetings, webinars, and cloud recordings.
• Cloud recording security: Admins and meeting hosts can set expirations on their cloud recordings and can disable the sharing of their recordings.

• Zoom end users: Upgrade to Zoom 5.0 by visiting the Zoom download page.
• Zoom administrators: Get detailed information on how to manage this update for various endpoints in your environment on the Zoom 5.0 IT administrators page. 

For additional information, check out the Zoom 5.0 webpage or the Release Notes.

Editor's note: This post was updated Nov. 6, 2020, to clarify language around customizing your data routing settings. 

3/17/21: This blog was updated with minor word usage changes for clarity/specificity.

Editor’s note: This blog post was edited on Aug. 2, 2021 to include the most up to date information on Zoom encryption.