Secure User Identities in Your Zoom Calls — Authenticated by Okta
Today’s workforce is dynamic with employees working from the office, home, and other remote locations across the world. For organizations, Zoom has increasingly become the de facto solution for video conferencing, connecting them to employees and customers. But the shift to remote and hybrid work has left IT and security teams with a new challenge: How do you ensure that your meeting and collaboration tools are frictionless yet safe and secure?
Introducing Okta Authentication for E2EE meetings
Video meetings are critical for collaboration, and users want to trust that the permitted people are in their meetings. In partnership with Zoom, we are excited to announce Okta Authentication for End-to-End Encrypted (E2EE) meetings for all paid customers. This new identity verification feature leverages Okta to authenticate a meeting attendee’s identity by email in E2EE Zoom meetings. Identity authentication and attestation from Okta can help independently determine if a meeting guest is exactly who they say they are.
How it works
Zoom account admins can enable Okta Authentication for E2EE in the Security tab of the Zoom Web Portal. Once the Zoom account admin has enabled this feature, a meeting attendee can enable sharing of their identity by turning on the feature in their individual settings.
Depending on a user’s organization’s settings, they may get verified automatically or be redirected to the Okta web page to finish authentication with their login credentials for two-factor authentication.
Once a meeting attendee is authenticated, a blue shield with a lock will appear next to their user name in the meeting participant list. Anyone participating in the meeting can hover over the icon to see a card which displays authenticated information about that person, including their company domain and corresponding Okta-verified email address.
Apply Zero Trust to Zoom encrypted meetings
Participant impersonation in meetings is another form of social engineering that’s become increasingly sophisticated. This makes protecting personal information more important and challenging than ever. Collaboration apps must adopt Identity verification best practices like single-sign-on and two-factor authentication.
In addition to these core competencies, the Zero Trust security framework is exploding in adoption. Our latest State of Zero Trust Security report shows that 97% of companies surveyed either had a Zero Trust initiative in place or would have one in place in the coming 12-18 months. Embraced by the enterprise and government agencies, Zero Trust’s core principle is “never trust, always verify.” With a Zero Trust approach, strong Identity and access controls are a requirement, especially with a workforce that operates in diverse, dynamic environments.
By leveraging Okta to apply a Zero Trust approach to Zoom, IT and security teams can help their organizations reduce security risks—without sacrificing user experience. Working with Okta, Zoom provides users with an extra layer of security, allowing them to verify the email identities of E2EE meeting attendees.
Allow meetings to flow, undisrupted
Okta has always been at the forefront of innovation. We were the first to treat Identity and Access Management as an independent platform, recognizing its integral role in digital customer experiences. We continue the innovation journey as Zoom's first and exclusive partner to verify the email identities of users in end-to-end encrypted meetings.
Okta’s position as an open and vendor-neutral platform allows its customers, partners, and ISVs to develop and integrate Okta’s Identity solutions within their apps and technologies. In our collaboration with Zoom, we’ve provided the building blocks to integrate Identity into their product portfolio. This made the job faster and easier for Zoom's development team to build the integration, allowing them to scale as needed. No need to build an authentication model for their apps from the ground up. Thanks to our partnership, Zoom was able to continue to deliver on its mission to make communications frictionless and now, more secure.
Ready to enable more secure online meetings? Contact us with your questions.