Security Enhancements | Migrate to the Updated Policies

Security Enhancements | Migrate to the Updated Policies

Hello everyone,

Zoho Directory's security policies have been updated and reorganized into three new policies with features that enhance the overall organization security. These policies provide a stronger and more secure sign-in methods and improve the user authentication experience.

Earlier, security policies comprised four dedicated components: Password Policy, Multi-Factor Authentication (MFA), Allowed IPs, and Advanced Settings. Based on these components, each group was assigned a policy that determined their sign-in process. Depending on their roles and responsibilities, the sign-in method varied and upon successful authentication, users were granted access to Zoho Directory.



With the latest update, the policies are divided into three parts: Conditional Access Policies, Routing Policies, and Security Policies.
  1. Routing Policies acts as an initial check when a user signs in. 
  2. Conditional Access Policies determines whether the user's access should be allowed or denied based on the predefined criteria.
  3. Security Policies provide you with a dedicated Password Policy and Session Settings.
Additionally, Custom Authentication has been renamed and is now a part of Routing Policies.

New Policies:



To understand how your existing policies are handled and mapped to the new policies during the migration process, click here.

Before migrating to the updated policies, quickly review how the policies are changed.

Existing Policies
Updated Policies
Password Policy
Security Policies

Password Policy is a part of Security Policy. Learn more.
Multi-Factor Authentication (MFA)
Conditional Access Policies

Multi-Factor Authentication (MFA) is a part of Conditional Access Policies.
MFA acts as an Action (Allow with MFA) under this policy. Learn more.

Allowed IPs
Conditional Access Policies

Allowed IPs is a part of Conditional Access Policies. It acts as a condition (IP address) under the policy.

Advanced Settings

1. WEB SESSION MANAGEMENT

2. LOCK PERIOD SETTINGS

1. Routing Policies

Session Lifetime and Idle Session Timeout are a part of Session Settings under Routing Policies.

2. Security Policies

Concurrent Sessions, and Lock Period Settings are a part of Advanced Settings under Security Policies.

Custom Authentication
Routing Policies

This section is renamed as Identity Providers and can be enabled via Routing Policy. Learn more.

How to Migrate?

Existing users with pre-configured policies will come across the Migration Page, which guides them through reviewing, resolving the conflicts and adopting the new policies. On this page, you will be required to complete the steps before migrating.

  1. Demo: Watch a quick demo to understand what’s changed and updated.
  2. Read the Changes: View a detailed document that outlines all the updates.
  3. New Admin Role: Configure the new admin role to replace the existing Helpdesk Admin role as it will no longer have permission to manage security operations.
    Note: This section is displayed only if at least one user is assigned to the Helpdesk Admin role.
  4. Custom Admin Role: Review the changes in the custom roles. 
    Note: This section is displayed only if a custom security role has been created and assigned to a user.
  5. Sandbox Mode: Preview the updated policies in sandbox mode before migrating
After completing these steps, you can proceed with migrating to the updated security policies.

FAQs

  1. What happens if I don't migrate? 
    You can continue using the existing security policies (old version) until you migrate to the updated policies.
  2. What will happen to my existing policies? 
    Your existing security policy configurations will be migrated to the new policy framework. To understand how your existing policy setup is mapped to the updated policies, click here.
  3. Who can perform this migration? 
    Only the Organization Owner or Organization Admin can perform the migration.
Regards,
The Zoho Directory Team.

    • Recent Topics

    • Recover deleted user

      Hi by mistake i have deleted an added user and his email associated. Please help me recover it thank you.

    • No connection to the server

      Hello! I can't add a new email address to my mailbox because your server is rejecting me. Please help. I took and added a screenshot of this problem Marek Olbrys

    • Emails missing from desktop but visible on phone

      Subject says it all. Windows 11 laptop. Apple phone. all systems up to date.

    • Website Hosting

      Hello, I want to host my domain on Hostinger, and I want my emails to run through Zoho Mail. Please provide me with the SPF record, MX record (Type: TXT), and A record, so that I don’t face any issues with my emails. My website is on Hostinger hosting,

    • Can not search zoho mail after update V.1.7.0

      i can not search mail on to and cc box from attached picture and then search contacts box can't click or use anything. include replay mail too.

    • How to retreive the "To be received" value of an Item displayed in Zoho inventory.

      Hi everyone, We have our own Deluge code to generate a PO according to taget quantity and box quantity, pretty usefull and powerful! However, we want to reduce our quantity to order according to "To be received" variable. Seems like this might not even

    • Kaizen #211 - Answering your Questions | Using Canvas and Widgets to Tailor CRM for Mobile

      Howdy, tech wizards! We are back with the final post in addressing the queries you shared for our 200th milestone. This week, we are focusing on a couple of queries on Zoho CRM mobile configurations and custom payment gateway integration. 1. Mobile SDK

    • Remove "Invalid entries found. Rectify and submit again" modal

      Following up on a post from a few years back, but can the Zoho team consider either removing the 'Invalid entries found. Rectify and submit again' modal that displays for empty mandatory fields OR allow an admin to change it? I've built a custom error

    • Cadence reports as front-end reports

      Hello everyone, We have built a cadence which is connected to the Leads module. There are 11 steps in total, 7 are automatic emails and 4 are tasks for the Lead owners. As admins, we have access to this (very nicely made) 'View Reports' tab where we can

    • Show elapsed time on the thank-you page?

      Is it possible to display the total time a user spent filling out a Zoho Form on the thank-you? I’d like to show the difference between the `form submission timestamp` and the `start time` (currently have a hidden Date-Time field set to autofill the date

    • I need to do crud with snippet html

      I need to implement a form with an improved user interface. I would like to use snippets to build a CRUD that allows me to create and update records. How could I achieve this using snippets?

    • Incorrect “correct” password on email client apple mail

      I have troubleshot this account several times. I have deleted and re added account. It keeps saying incorrect password. Can you check that it is not locked on your end?

    • Is it possible to lock editing subform rows?

      Ideally editing would only be locked after the form has been updated but I still want them to be able to add new subform records at any time and they should be able to delete rows from the subform. It is a named subform if that's relevant however the

    • What is the maximum file size of a video upload in Zoho chat?

      Can I upload a 20 mb video file and share it with my colleagues? 

    • Update a field in ALL all calls under a contact

      HI guys! I have written some deluge code to update a field in my calls after i have comepleted the call, i need this field to update in all my scheduled calls as well that are comeing up. I just cant seem to get it to work, i have put teh code below,

    • Verifying Zoho Mail Functionality After Switching DNS from Cloudflare to Hosting Provider

      I initially configured my domain's (https://roblaxmod.com/) email with Zoho Mail while using Cloudflare to manage my DNS records (MX, SPF, etc.). All services were working correctly. Recently, I have removed my site from Cloudflare and switched my domain's

    • Fat Download of Ulaa Browser

      I just observed that Ulaa Browser is offering an one-capsule big download. These days it is a custom to offer a small bootstrap downloader and based on user customization options an appropriate download completes. And this is particularly common with

    • Billing Management: #8 Usage Billing in Logistics & Delivery Services

      The logistics and delivery industry thrives on movement and precision. Every delivery completed, every kilometre driven, and every ton transported is a measurable activity. However, billing often lags behind. Many logistics companies still rely on fixed-rate

    • Tags for New Tickets

      Hi there, When creating a new ticket, there is currently no way to choose a tag you would like to associate with the new ticket. Being able to associate a tag while creating a new ticket will be very beneficial as it will save time and flow well with

    • Zoho Desk: No Incoming email

      Is Zoho Desk services down? No incoming email reflect to desk tickets.

    • Zoho CRM - Widgets | Update #3 : Introducing SDK V1.5 along with new ZDK Methods and ZRC Support

      Hello everyone! Widgets in Zoho CRM just got a big upgrade! With the release of SDK v1.5, developers can now create more immersive widget experiences. This update elevates Widget development with new ZDK methods for easier interactivity and ZRC support

    • Unusual activity detected, account blocked

      I am unable to send emails and am getting the error "Outgoing blocked: Unusual activity detected. To unblock your account, please and submit a request. Learn more.". I am unsure as to why this is happening since all my activity is legitimate, mainly confirmation

    • Unable to Send Emails – Outgoing Mail Blocked (Error 554 5.1.8)

      Description: Hello Zoho Support Team, I am facing an issue with my Zoho Mail account ( admin@osamarahmani.tech ). Whenever I try to send an email, I get the following error: 554 5.1.8 Email Outgoing Blocked I would like to clarify that I have not done

    • Issue connecting Zoho Mail to Thunderbird (IMAP/SMTP authentication error)

      Dear Zoho Support, I am trying to configure my Zoho Mail account on Thunderbird, but I keep getting authentication errors. Account: info@baktradingtn.com Domain: baktradingtn.com Settings used: IMAP: imap.zoho.com, Port 993, SSL/TLS, Normal Password SMTP:

    • Payment issue with Mail Lite plan – personal NIF not accepted as payment info

      Hello, I have already contacted Zoho Support by email regarding this, but since I haven’t received any reply yet, I’m sharing it here as well to see if the community can help. I’m facing a payment issue for my Mail Lite plan. I have a personal account

    • Customer payment alerts in Zoho Cliq

      For businesses that depend on cash flow, payment updates are essential for operational decision-making and go beyond simple accounting entries. The sales team needs to be notified when invoices are cleared so that upcoming orders can be released. In contrast,

    • Figma in Zoho Creator

      Hi Team, I’m creating a form using Figma and would like to know how to add workflows like scheduling, custom validation, and other logic to it. Can anyone help me understand how to set this up for a Figma-based Creator UI form?

    • Not receiving Gmail confirmation email to send emails as Zoho account from Gmail

      Hello! I'm having an issue with the "Send mail as" option on Gmail. I am not receiving the confirmation email on my Zoho Mail account. A few days ago, it worked, then it stopped, and now when I try to fix it, I simply don't receive the confirmation email

    • Restore lost Invoice!

      Some time ago I tried to Upgrade from Invoice to Books. I not upgraded and staid n Invoice. Now i tried again and first i deleted the old trial of books. But now all is gone, PLEASE HELP!! i have no backup and i have to have at least 7 years data retention by law. 

    • Zoho Desk Down

      Not loading

    • lookup and integrated forms

      I might be misunderstanding things but I wanted to integrate our zoho crm contacts into creator. I imagined that when I used the integration it would mirror into creator. It did brilliant. BUT We have a ticket form in creator that we want to use a lookup

    • Partially receive PO without partial Bill?

      Most of our inventory is pre-paid. Let's say we purchase 30 pieces of 3 different items for a total of 90 pieces. It is common for our supplier to send us the items as they are ready. So we will receive 30 pieces at a time. How can I partially receive

    • 2 users editing the same record - loose changes

      Hello, I'm very new to Zoho so apology if this has been addressed somewhere i can't find. I have noticed the following: If we have 2 users put an inventory item in edit mode at the same time: say user1 click on edit and user2 while user1 is still in edit,

    • How to get the Dashboard page to be the first page when you open the app

      So when it opens on a tablet or phone it opens on the welcome page, thanks.

    • How I set default email addresses for Sales Orders and Invoices

      I have customers that have different departments that handle Sales Orders and Invoices. How can i set a default email for Sales Orders that's different than the default email for Invoices? Is there a way I can automate this using the Contact Persons Departments

    • Formula fields not refreshing until page is reloaded

      I need help/advice about the formula fields and how I can refresh the information in real-time. We have two formula fields on our deals page which show calculated prices: One formula is in a subform which calculates the subform total + 1 other field amount

    • How can I setup Zoho MCP with Chat GPT

      I can set up custom connections with Chat GPT but I cat an error when I try to set it up. The error is: "This MCP server can't be used by ChatGPT to search information because it doesn't implement our specification: search action not found" Thoughts?

    • API ZOHO CRM Picket list with wrong values

      I am using Zoho API v.8. with python to create records in a custom module named "Veranstaltung" in this custom module I've got a picket list called "Email_Template" with 28 Values. I've added 8 new values yesterday, but if I try to use on of those values

    • Group Emails

      I have synced Zoho CRM to Campaigns but there are certain email not synced. showing it is Group Emails, but this email ids belongs to different individuals. please provide a solution as i nedd to sync the same.

    • Enable Password Import option in ulaa browser

      Dear Ulaa Team, I noticed that the Ulaa Password Manager currently offers an option to export passwords, but not to import them. This limitation poses a challenge for users like me who have stored numerous credentials in browsers like Chrome. Manually

    • Next Page