Skip to main content

5 Handy Security Features Included in the Zoom Desktop Client

From instant messaging on Zoom Chat to quickly scheduling Zoom Meetings to even making frictionless calls with Zoom Phone, the Zoom desktop client — downloadable Zoom app for your computer — helps users quickly and safely launch the communication channel of their choice.

Underpinned by our standard 256-bit AES-GCM encryption, the Zoom client helps enable seamless and secure collaboration — it’s even recently become the first video communications client to obtain the industry-recognized Common Criteria certification for the Zoom Meeting client version 5.6.6. 

While it’s home to numerous security features, we wanted to highlight a few key aspects of the Zoom desktop client that users can deploy to help protect their communications.

Here are five key security features included in the desktop client: 

1. Authenticated login 

To help authenticate Zoom users in schools and business environments as they log into the client, we offer a single sign-on (SSO) feature that creates a safe and quick login process. If you can not use single sign-on, we recommend using two-factor authentication (2FA) to still add an extra layer of security to the process.

While both of these options require initial setup from administrators, an authenticated login process will help users start their experience with the Zoom client on the right foot. 

You can also log in via an OAuth process, which allows you to approve one application — Google or Facebook — to interact with Zoom on your behalf so you don’t have to manually enter a password. For any users manually logging in without using any of these protocols, we recommend you deploy a strong and complex password. 

2. Secure meeting scheduling 

When scheduling a Zoom Meeting, you can quickly toggle on a few settings right within the client to help safeguard your upcoming session. 

Head to “Home” in the top navigation of the Zoom client and click “Schedule.” Then, a pop-up will emerge that enables you to tailor the meeting settings to your individual needs. There’s an entire “Security” section included in this pop-up, where you can select from options like, “Only authenticated users can join” and “Waiting Room” to add on helpful layers of protection. 

You can also select your preferred encryption for the meeting, choosing from enhanced encryption or our end-to-end encryption (E2EE) option. Both options use our standard 256-bit AES-GCM encryption, with the difference being where the encryption keys are stored. With E2EE enabled, the cryptographic keys are known only to the devices of the meeting participants. Enabling E2EE for meetings disables certain features and requires all meeting participants to join from the Zoom desktop client, mobile app, or Zoom Rooms.


For more tips on how to secure your Zoom Meetings, check out this blog

3. Automatic updates

We recently released an automatic update feature designed to help streamline the software update and bug patching process. You can turn on automatic updates right in the Zoom client by following these quick steps:

  • In “Settings,” under “General,” select the “Automatically keep my Zoom up to date” checkbox to apply automatic updates.
  • You will be prompted to enter admin credentials to give automatic updates permission to run, but it will only be required when enabling this setting.
  • Once a new version of Zoom is available and you’re not in a Zoom Meeting, you will be prompted to update. If you’re in a meeting, you will be prompted with the update immediately after it ends.
  • You may also express a preference for how frequently to receive updates. The “Slow” option, selected by default, provides less frequent updates and focuses on maximizing stability. The “Fast” option allows you to adopt the latest features and updates as soon as they become available. When critical security updates are involved, updates will go to everyone.

Users who enable this feature will automatically receive updates to Zoom software in the future. This feature may already be enabled for some devices on enterprise Zoom accounts, where the administrator has existing auto-update settings enabled. 

4. Advanced chat encryption 

Advanced chat encryption allows for a secured communication where only the intended recipient can read the secured message. While this feature has to be enabled by account administrators, users can deploy it when communicating about particularly sensitive information in a one-to-one or group chat. 

When advanced chat encryption is enabled, data at rest is encrypted by encryption keys generated and operated on chat participants’ devices. Chat data in transit, however, is encrypted in transit using Transport Layer Security (TLS) encryption.

5. Managing blocked users 

If you’ve accepted an unknown external contact request or are experiencing disruptive behavior from a fellow user, you have the ability to block them. Just go to a user’s name on the left side of the Zoom Chat window, and click the “Options” arrow on the right side of the bar. From that drop-down menu, you can block a user. All blocked users will show up in “Settings” under “Chat,” where you can manage the list and unblock a user, as shown below.

A unified approach to security 

No matter how Zoom users access the platform — through the Zoom desktop clientweb browser portal, or the mobile application — security is present across Zoom’s entire architecture.  

Our unified communications experience is built with security in mind, and our users’ safety, security, and privacy help guide new platform updates we make. We’re committed to being a platform users can trust — with their online interactions, information, and business.

To learn more about Zoom privacy and security, explore our Trust Center.





Product Marketing Manager, Privacy & Security

Comments

Popular posts from this blog

Use Vault for Gmail Confidential Messages and Jamboard Files

Google vault will be supporting two new formats in the future, Gmail confidential mode emails & Jamboard files stored in Google Drive. Google Vault gives you a chance to retain, hold, search, and export data to support your organization’s retention and eDiscovery needs. This dispatch includes support for new information types with the goal that you can thoroughly oversee your association's information. What happens when individuals in your association sends confidential messages? Vault can hold, retain, search, and export all confidential mode messages sent by users in your association. Messages are constantly accessible to Vault, notwithstanding when the sender sets a termination date or denies access to private messages. Here’s an example of what admin@ink-42.com will see in Vault when they search for sam@ink-42.com and preview this email sent by lisa@ink-42.com . But It’ll not work vise versa. Admins can hold, retain, search and export message headers and s

Zoom’s Work Transformation Summit on Jan. 19: Fresh Approaches for Moving Forward

These past two years have undoubtedly reshaped work. More specifically, these past two years — shuffling between remote, in-person, and hybrid work scenarios — reshaped what employees expect out of their jobs, how they want to work, and what the office means to them.  Organizations are challenged with making big decisions to meet those expectations, and those decisions will dramatically alter how they hire, manage their facilities, buy technology, and maintain productivity. Simply adjusting policies and retooling previous work models won’t do. It takes a comprehensive reimagining. To help organizations navigate this next phase of work, Zoom is hosting our  Work Transformation Summit  on Jan. 19, a free, half-day virtual event designed to provide you and your organization with meaningful strategies, creative approaches, and innovative solutions for redefining work.  Summit attendees will have the opportunity to hear from peers and industry experts on the importance of embracing technolo

Access well-known educational technology tools straight from Google Classroom.

  We're making it simpler for instructors to use popular EdTech products that are most effective for their class right in Google Classroom with a new seamless integration of single sign-on, assigning, and grading. With the help of this feature, teachers can find, assign, and grade interesting content for their classes, and both teachers and students can access their EdTech tools without needing to navigate to other websites or apps or go through a cumbersome login process that requires remembering numerous usernames and passwords. This offers a more simplified experience when using technology to affect learning, in addition to saving instructors and students time. We partnered with 15+ EdTech companies to build custom add-ons, including Kahoot!, Pear Deck, IXL, and Nearpod.  Admins :  In order for educators to use add-ons, district administrators must provide access to them. For further information on how to install the add-ons functionality and specific add-ons for a domain, OU, o