Content protected by Customer Managed Key
Each organization can decide what types of assets get encrypted with their key when stored permanently in the cloud. The list of potential assets depends on what Zoom services the organization uses. For example, If cloud meeting recordings are enabled and the meeting organizer is a licensed CMK user and records the meeting, the associated files are encrypted, even if some of the meeting attendees are not CMK users. While most services follow the same approach, there are some specifics which apply to certain services as described in the following list (with their Service ID as it appears in the encryption context).
If you enable an AI Companion feature and enable CMK encryption for a related type of asset, then Zoom will encrypt all related assets including the AI generated ones, but if the feature uses a third-party model provider, that provider may only encrypt the data they receive with regular encryption.
Note: Associated metadata, such as used for searching, may not be encrypted with the customer’s key.
- Meeting/webinar recordings (1)
Cloud meeting and webinar recordings including transcripts, summaries, and next steps can be encrypted along with in-chat text messages. Polls (Q&A, surveys and reports) and in-meeting file transfers are not encrypted.
- Clips (10)
Any video clip can be encrypted.
- Whiteboards (11)
Whiteboards (drawings, text, pictures and comments) from licensed users can be encrypted.
- Phone recordings (2)
Phone recordings and transcripts can be encrypted not only from individual (licensed) users, but also all call queues.
- Phone voicemails (3)
Voicemail and transcript can be encrypted not only from individual (licensed) users, but also all call queues.
- Compliance archives (6)
If compliance archival is enabled, meetings, webinar, phone recordings and in-chat messages can be encrypted.
- Phone MMS messages (9)
MMS (multimedia messaging service) including text, pictures and video can be encrypted.
- User calendar access (4)
The token or password the Zoom client uses to access Google or Microsoft calendaring can be encrypted.
- Zoom Room calendar access (5)
The token or password Zoom Room uses to access Google or Microsoft calendaring is encrypted.
- Other access (7)
Other access tokens such as for Microsoft Teams can be encrypted.
- Team Chat (8)
All messages, files, emojis, and attachments which are sent internally can be encrypted if any member of the channel or chat is a licensed user. Reaction emojis and giphys (and the associated URLs) will not be encrypted, as they are static resources. Code snippets are encrypted if the creator is a licensed user. CMK for Team Chat cannot be combined with Advanced Chat Encryption.