Continuing to address security issues that emerged during the early days of the COVID-19 pandemic, Zoom Video Communications Inc. has added support for customer-provided encryption to its popular videoconferencing service.

Zoom Customer Managed Key is aimed primarily at customers in heavily regulated industries like healthcare and financial services. It comes on the heels of increased encryption support that was built into version 5.0 of its platform, which was announced in April. That release added Advanced Encryption Standard 256-bit Galois/Counter Mode, a type of encryption that is known for both security and performance.

“Customers have been specifically asking for this feature,” said Karthik Raman, a Zoom group product manager. In addition to regulated industries like healthcare and financial services, demand has come from businesses in other industries with strong security and compliance requirements, he said.

All cloud platforms and many software-as-a-service providers support encryption but most require that keys be stored in the hosted cloud. That isn’t sufficient for some firms, though, and support for customer keys has become a point of differentiation for security-focused services. In rolling out its Cloud for Financial Services in 2019, IBM Corp. promoted ”bring your own key” encryption as a core feature that distinguishes its platform from other public clouds.

With Customer Managed Key, users can opt to use their own encryption keys to encrypt such assets as cloud recordings, voicemails and calendar access, Zoom said. Encryption can be applied to meetings, webinars, voicemails, Microsoft Corp. Teams access tokens and archived sessions. Administrators can provision encryption keys directly within the “Security” tab on the Zoom administrative portal or get help from Zoom’s Global Services organization.

“Customers will need to purchase licenses, set up their own [Amazon Web Services Inc. key management service], configure it to work with our product and then configure their settings in the Zoom Web Portal to begin using it,” Raman said. “Zoom will interact with the customer’s KMS to obtain data keys for encryption and decryption and will use these keys to encrypt and decrypt certain customer assets before those assets are written to long-term storage.” Zoom will not store plain-text data keys in long-term storage, he said.

The feature will incur an additional cost but Zoom didn’t provide specifics.

Photo: Unsplash