Zoom has launched a customer-managed key (CMK) offering to help businesses meet compliance requirements.  

Its latest security solution, Zoom Customer Managed Key, protects data which is stored at rest within Zoom Cloud’s infrastructure.  

Zoom CMK is a paid offering, which means current Zoom customers will need to pay extra to use it.  

Karthik Raman, Group Product Manager at Zoom, said: “We strive to provide the tools you need to navigate today’s complex regulatory landscape and tailor a security strategy to your organisation’s unique needs.   

“CMK is designed to help you protect your data in the way your business needs. Whether you want to deploy CMK or one of our other security offerings, you have options — a choice in how you safeguard your information.  

Zoom says its CMK solution is designed to meet the regulatory requirements of industries like financial services and healthcare. Healthcare providers must address HIPAA standards, and financial services need to meet NY DFS, Gramm-Leach Billey Act, and more.  

Recognising that different companies require personalised security solutions, Zoom believes its CMK offering will make it easier for them to meet these regulatory obligations.  

Zoom Customer Managed Key  

The CMK enables organisations to use their own keys to encrypt Zoom assets, including cloud recordings on Zoom Meeting and Zoom Webinars, plus access tokens for calendars and Teams.  

Here is the complete list of assets applicable to Zoom CMK:  

  • Zoom Meeting cloud recordings, including transcripts and chat texts  
  • Zoom Webinars cloud recordings   
  • Zoom Phone voicemails and recordings   
  • Microsoft Teams access tokens  
  • Zoom Rooms calendar access tokens  
  • User calendar access tokens   
  • Meeting and webinar archiving  

Customer Managed Key Prerequisites  

CMK is currently only available for customers using AWS Key Management Service (AWS KMS). This allows content stored in the Zoom Cloud to be encrypted using an organisation’s keys.  

Apart from an AWS account, administrators will also need access to the Zoom web portal and a Zoom Enterprise account.  

Acceptable Zoom desktop clients are Windows 5.7.6 or higher, macOS 5.7.6 or higher, and Linux 5.7.6 or higher.  

The Zoom mobile client can be accessed on Android 5.7.6 or higher and iOS 5.7.6 or higher.  

Zoom provides step-by-step support for configuring CMKs in AWS, plus how to enable CMKs, enrolling your keys with Zoom, editing your keyset, CMK deprovisioning, and more on its support pages.  

Zoom’s Bring Your Own Key (BYOK) offering was announced earlier this year, alongside a string of further security measures, following a third-party attestation from ‘SURF’, a Dutch government organisation.

 

 



from UC Today https://ift.tt/esbYk0R