Okta recently announced a new identity verification feature within Zoom that leverages Okta to authenticate a meeting attendee’s identity by email in Zoom meetings using end-to-end encryption (E2EE). This identity authentication and attestation, powered by Okta, can help independently determine if a meeting guest is who they say they are.
Okta Authentication for E2EE is available for all Zoom’s paid customers. Zoom account admins can enable Okta Authentication for E2EE in the Security tab of the Zoom Web Portal. Once the Zoom account admin has enabled this feature, a meeting attendee can enable sharing of their identity by turning on the feature in their individual settings.
Depending on a user’s organization’s settings, they may get verified automatically or be redirected to the Okta web page to finish authentication with their login credentials for two-factor authentication.
Once a meeting attendee is authenticated, a blue shield with a lock will appear next to their username in the meeting participant list. Anyone participating in the meeting can hover over the icon to see a card that displays authenticated information about that person, including their company domain and corresponding Okta-verified email address.
“Flexible work underscores the need for a robust set of identity and access management tactics. Building this strategic feature with Okta directly into Zoom’s E2EE meetings allows our users and customers to take an ‘always verify, never trust’ approach, while reducing the need to toggle between disparate solutions,” said Ricky Kapur, Head of Asia Pacific, Zoom. “Zoom is striving to add an extra layer of security to virtual communication while maintaining our seamless and consistent experience.”
Apply Zero Trust to Zoom encrypted meetings
Participant impersonation in meetings is another form of social engineering that’s become increasingly sophisticated. This makes protecting personal information more important and challenging than ever. Collaboration apps must adopt Identity verification best practices like single-sign-on and two-factor authentication.
In addition to these core competencies, the Zero Trust security framework is exploding in adoption. Okta’s latest State of Zero Trust security report revealed that 97% of companies surveyed either had a Zero Trust initiative in place or would have one in place in the coming 12-18 months. Embraced by the enterprise and government agencies, zero trust’s core principle is “never trust, always verify.” With a Zero Trust approach, strong Identity and access controls are a requirement, especially with a workforce that operates in diverse, dynamic environments.
By leveraging Okta to apply a Zero Trust approach to Zoom, IT and security teams can help their organizations reduce security risks—without sacrificing user experience.
“Okta has always been at the forefront of innovation. We were one of the first to treat Identity and Access Management as an independent platform, recognizing its integral role in digital customer experiences. We continue the innovation journey as Zoom’s first and exclusive partner to verify the email identities of users in end-to-end encrypted meetings,” said Ben Goodman, Senior Vice President and General Manager for Asia Pacific & Japan, Okta.