5 ways to secure your Zoho One organization
In observance of National Cyber Security Awareness Month, we'll discuss all the ways you can protect your Zoho One organization in this article.
1. Monitoring incidents
The first step in securing your organization is monitoring and identifying your weaknesses and vulnerabilities. Zoho One's new Dashboard is a handy tool that identifies threats faced by your organization. The Sign-in Details graph lets you assess the sign-in attempts of all users, the location and time of the attempt, and even the device used for signing in.
The Dashboard has already helped our users understand the threat to their organization's security and the tools they have to combat it. Here is some of their feedback:
- I really love these new reports! I have browsed the reports, and I am seeing 1,585 failed login attempts in the past 7 days, most of them from outside the country. This is bringing a lot of insight and helping to educate users about security. - Christophe Mendéz, Operations Director - MZ Consultants
- Great update! One of the most interesting things I have seen is the number of failed logins from around the world. Thankful for MFA [multi-factor authentication]. - Gordon Mankelow, Business Technology & Zoho Specialist - Relativity Limited
- SPOT ON! Many customers don't bother [turning on MFA], but I believe it is essential. That said, in my list of failed logins are numerous IMAP logins from abroad. - Matt Koopmans, Founder & Director - Aurelian Group
Once you know where your problems lie, you can start fixing them. Learn more about dashboard and reports.
2. Access management
According to the 2019 Verizon Data Breach Investigations Report (DBIR), 34% of breaches occur due to internal actors, and most of these internally-caused incidents are not intentional. They are merely user errors. This highlights a need for stricter access management—the tighter the user access control, the fewer vulnerabilities for malicious parties to exploit.
A common pitfall for most of our users is enabling all the apps in their Zoho One bundle right away and granting everyone access to them. Use the Applications tab in Zoho One to ensure that only the right people have access to the right tools. For example, your support agents wouldn't need access to Zoho Books or Zoho Campaigns. Invest some time into auditing and managing your users' access.
Continuous access management with Zoho One
Regularly auditing your users' access and making changes manually might be infeasible in the long run. This is why we suggest you use Conditional Assignments in Zoho One. Conditional Assignment can automatically assign apps to existing and future users based on rule-based conditions. You can configure a condition to assign specific application roles to specific users, further fortifying access-based security. Learn more about Conditional Assignment.
Secure, trusted access points
Speaking of access management, securing physical access is just as important as securing digital access. We strongly suggest you make use of Zoho One's Allowed IPs feature to prevent malicious parties from gaining access to your organization. This feature follows the positive security model and allows your users to access their Zoho One accounts only from secure and trusted IP addresses. Learn more about Allowed IPs.
3. Secure delegation
The Verizon DBIR goes on to explain that the leading reason for security incidents is Privilege Misuse, which includes Unauthorized Access. Although "unauthorized access" sounds like complicated technical jargon, it is a simple concept—people signing in to accounts they shouldn't be signing into, often using credentials they obtain by unofficial (although not illegal) methods. A good example is a Zoho One Organization Owner sharing their credentials with an HR Manager, enabling them to add new employees to the organization. Even if the reasons behind the action are innocent, it leads to serious long-term problems.
If you find yourself in a situation where you need additional people operating your Zoho One organization, we strongly suggest that you use Zoho One Admins and App Admins to securely delegate responsibilities. Learn more about Admins.
4. Single sign-on
When talking about single sign-on (SSO), people tend to focus on convenience and ease-of-use. However, the biggest advantage of SSO is security. Not only does it eliminate the use of multiple passwords and the horde of problems they bring, it also follows the SAML 2.0 standard, ensuring only your users can access your applications. Learn more about using Zoho One as a SAML IdP.
5. Policy-based MFA
Using multi-factor authentication (MFA) is the first piece of advice given to organizations by almost every security expert. The only downside of MFA is that the more secure your authentication factors are, the harder they are to use. For example, using a hardware authenticator like Yubikey (which Zoho One now supports) is highly secure, but hard to use as it involves maintaining an additional hardware device. On the other hand, SMS-based OTPs are easy to use as they're tied to your mobile number, but they are considered the least secure form of MFA.
One way to handle this duality is through Zoho One's Security Policies. We suggest you create multiple security policies with varying degrees of security, and apply them to users based on their risk factor. Ask yourself which employees are handling your organization's most sensitive data. For example, Systems Admins or Payroll Managers may need stricter security policies than Sales Agents and Marketers. Learn more about Security Policies.
Now that you know the purpose of the different ways you can protect your Zoho One organization, we hope you'll be able to monitor and manage your security better! Happy National Cyber Security Awareness Month, and feel free to share your feedback in the comments section.
Access your files securely from anywhere
New to Zoho Recruit?
Zoho Developer Community
New to Zoho LandingPage?
Zoho LandingPage Resources
New to Zoho Survey?
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Bigin?
Topic Participants
Ahilesh K
Sticky Posts
How to Add Users to your Organization in ZohoMail?
A better clarity so you can create other users to start using Zoho Mail. You can directly Add Users from the Control Panel to your Organization. You can invite users with the existing email address. If the person (user) already uses ZohoCRM, then you can import users from Zoho CRM. You can also import them using a .csv file. (if you are planning to add them in Bulk) In this topic, We will be discussing on how to Add and Invite users only. The Import options are self explanatory. ____________________________________________________________________________________________________________
New to Zoho TeamInbox?
Zoho TeamInbox Resources
Zoho CRM Plus Resources
Zoho Books Resources
Zoho Subscriptions Resources
Zoho Projects Resources
Zoho Sprints Resources
Qntrl Resources
Zoho Creator Resources
Zoho CRM Resources
Design. Discuss. Deliver.
Zoho Show Resources
Get Started. Write Away!
Writer is a powerful online word processor, designed for collaborative work.
Zoho CRM コンテンツ
-
オンラインヘルプ
-
Webセミナー
-
機能活用動画
-
よくある質問
-
Ebook
-
-
Zoho Campaigns
- Zoho サービスのWebセミナー
その他のサービス コンテンツ
Nederlandse Hulpbronnen
ご検討中の方
Recent Topics
Good news! Calendar in Zoho CRM gets a face lift
Dear Customers, We are delighted to unveil the revamped calendar UI in Zoho CRM. With a complete visual overhaul aligned with CRM for Everyone, the calendar now offers a more intuitive and flexible scheduling experience. What’s new? Distinguish activitiesZia Conversation Summary: Context at a glance for every customer interaction
Hello everyone! Every customer conversation tells a story—but in CRM, that story is rarely in one place. A sales rep moving between multiple leads has to reopen long email threads, check call remarks, and revisit meeting notes just to remember what wasZoho Books - New Interface keep details with PDF View
Hello, The Zoho Books Interface has changed for estimates etc... One thing is causing issues though. Before the change, in PDF view you could see the detail information including custom fields entered for the estimate. Now, you have to switch betweenZoho One Unified Portal - Applications
Hello, It is great to see the work on the New Unified Customer Portal. Thanks for that. The number of applications is limited though. It is now only around the Zoho Books ecosystem (Books, Expense...) and Zoho Social. = Are other applications plannedDropdown data depends on filters in another field.
In my quote form I have a lookup field called Reseller that pulls from Accounts. I would like it to pull from Accounts, but only those accounts with an account field 'Type' where that is 'Reseller'. Does anyone know a way to do this? Similarly, I'd likeAutomatically CC an address using Zoho CRM Email Templates
Hi all - have searched but can't see a definitive answer. We have built multiple email templates in CRM. Every time we send this we want it to CC a particular address (the same address for every email sent) so that it populates the reply back into ourRefresh frequency
Dear Zoho Team, I really, truly appreciate that Zoho Books gets frequent updates. As a matter of fact this is how a good SaaS company should stay on top. However, I feel that I have to hit refresh almost every day. This was exciting at the beginning butRefund
My plan expired today, and I updated my payment details with a new credit card. At the same time, I wanted to downgrade, but the system wouldn’t allow the downgrade until the payment details were updated. As a result, I was charged for the same plan beforeWhatsApp Calling Integration via Zoho Desk
Dear Zoho Desk Team, I would like to request a feature that allows users to call WhatsApp numbers directly via Zoho Desk. This integration would enable sending and receiving calls to and from WhatsApp numbers over the internet, without the need for traditionalCan we generate APK and IOS app?
Dears, I want to know the availability to develop the app on zoho and after that .. generate the APK or IOS app and after that I added them to play store or IOS store.. Is it possible to do this .. I want not to use zoho app or let my customers use it. thanksText/SMS With Zoho Desk
Hi Guys- Considering using SMS to get faster responses from customers that we are helping. Have a bunch of questions; 1) Which provider is better ClickaTell or Screen Magic. Screen Magic seems easier to setup, but appears to be 2x as expensive for United States. I cannot find the sender id for Clickatell to even complete the configuration. 2) Can customer's reply to text messages? If so are responses linked back to the zoho ticket? If not, how are you handling this, a simple "DO NOT REPLY" asAdd "Fetch Composite Item" Action for Inventory
I want to make a Flow that uses information returned in the GET call for Composite Items, and it's not currently available in Zoho Flow. Please consider adding this functionality.Calling Function via REST API with API Key gives 401 using Zoho Developer
Hi, I created a couple of functions using the one month trial of Enterprise edition, which I was able to call using the API Key method from Postman and from an external site. Now that my trial has expired, I have created the same functions in the DeveloperError due to - 'Internal Exception' when uploading Sign-generated PDF file to workdrive via Deluge in Zoho CRM
Hi I wasnt getting this error a few days ago and my code had not changed, so I'm wondering if there's a Zoho bug somewhere? I am downloading a PDF file from a Zoho Sign url using invokeurl and then uploading it to a Workdrive folder using zoho.workdrive.uploadFile.Embed CRM record images in email templates
I have email templates that I want to embed dynamic images in their body - not as an attachment. For the context, the image is a QR code individual to each contact. So there are couple of challenges for which I think there is no solution in CRM: 1/ IAssign multiple departments to multiple helpcenters
Hi there! I have a reseller company for a software and I'm using Zoho Desk as my helpcenter and ticket management system. The software is great and I would like to make a suggestion! With multi-branding activated, your departments that visible in helpZoho Desk Training
Hello, We've had Zoho desk for a while now, but we run into issues occasionally, and I was wondering if there was a customer who currently uses it and really enjoys the functionality, that would be wiling to chat with us?Advanced Customization of the Help Center using JavaScript
Hello everyone, The Help Center in Zoho Desk can be customized by using HTML and CSS to provide structure and enhance the page's appearance—but what if you want to add interactive and dynamic elements? You can add these effects with JavaScript, a programmingExciting Updates to the Kiosk Studio Feature in Zoho CRM!
Hello Everyone, We are here again with a series of new enhancements to Kiosk Studio, designed to elevate your experience and bring even greater efficiency to your business processes. These updates build upon our ongoing commitment to making Kiosk a powerfulEdit default "We are here to help you" text in chat SalesIQ widget
Does anyone know how this text can be edited? I can't find it anywhere in settings. Thanks!PO Based Advance payment to Vendor
We recommend to introduce a provision at PO to make advance payment to vendors and auto apply that advance paid later at the time of Vendor Bill submission for that PO. This will help us track PO-wise Total Payments.Converting Customer Invoice to Purchase Bill
Hi, In my service-based business, I sometimes create the customer invoice first, and later I receive the purchase bill from the vendor for the same job. Is there any option in Zoho Books to: Convert a customer invoice into a purchase bill, or Link/associateGetting Project Template List using the REST API
I am trying to confirm that I can use the REST API to create a project using a project template. The API documentation indicates this is possible by providing the Template ID, but it is not clear at all how to get a list of available Project TemplatesHow to get Quickbooks Desktop Info into Zoho?
Our team has used Quickbooks desktop for years and is looking at switching to Zoho books in 2026. I want to bring all old sales history over since we use Zoho CRM. I can export Item sales history and generic sales orders from Quickbooks desktop. How doZeptoMail API Request
We tried to send mail using ZeptoMail using Django. Following is my payload {'from': {'address': 'abc@abc.com'}, 'to': [{'email_address': {'address': 'xyz@xyz.in', 'name': 'Bhavik'}}], 'subject': 'Report Name', 'htmlbody': '<p>Test</p>'} Following isZoho Inventory - Allow Update of Marketplace Generated Sales Orders via API
Hi Inventory Team, I was recently asked by a client to create an automation which updated a Zoho Inventory Sales Order if a Shopify Order was updated. I have created the script but I found that the request is blocked as the Sales Order was generated byAutomated log-out/session end
I'm concerned about security of our data. Is it possible to set an automatic time-out for user sessions on Zoho CRM, after a certain period of inactivity or when the session reaches a certain duration (12 hours perhaps)?Admin asked me for Backend Details when I wanted to verify my ZeptoMail Account
Please provide the backend details where you will be adding the SMTP/API information of ZeptoMail Who knows what this means?Mass import of documents into Zoho Writer
I'm using Google's word processor at the moment but feel that Zoho does a better job (on the online apps market). Iwant to move my documents (about 50-70) to Zoho but it seems to me that I have to import them seperately. Is it already possible to upload several documents at a time or is this a forthcoming feature? Cheers Rolli :?:When will it be possible to edit Subform records via either views or tabular reports?
Hey there, data maintenance often requires mass update of quite a lot of records. While this is a piece of cake via either List view or Zoho sheet view, the same cannot be carried out for subform records yet. When one of the two options will be made available?Subform auto populate values
Hi Team, I’m trying to retrieve values from Zoho People using API functions and dynamically populate them into a subform. For example, I’ve created a form with several fields that users will fill out. Based on their input, I need to fetch records fromAdd System Pre-Defined Lookup Field to Subform?
Hi there! New to using Zoho, so this may already exist, but I'm having trouble figuring it out. Is there a way to get the system pre-defined Account Lookup field (in our case, renamed to Company Name), as the starting point for a subform? In our company,How we cut CRM updates from ~20 minutes down to 2, our real workflow
Updating the Zoho CRM after every call used to be one of the biggest time sucks for our team. By the time you write your notes, clean them up, fill in the fields, and log everything properly… you’ve easily lost 15–20 minutes per call. We started experimentingAdd home page or dashboard in CRM customer portal
is it possible to add home page or dashboard in CRM customer portal?User Tips: How to change the the label display name of a system defined field
Most users know how to change field label names via Settings > Modules & Fields but if you want to change the name of a system defined field you can’t as there is no “edit properties” option. However with a simple hack you can edit any system definedSearch not working!
I have items in my notebook tagged but when I search for a tag nothing comes up! Any fix for this?Zoho Analytics Regex Support
When can we expect full regex support in Zoho Analytics SQL such as REGEXP_REPLACE? Sometimes I need to clean the data and using regex functions is the easiest way to achieve this.Zoho CRM Community Digest - October 2025 | Part 1
Hello Everyone! Here's a quick recap of first two weeks of October! Product Updates: Zoho CRM Android App Update: Surveys, Blueprints, and Smarter Mobile Features! Zoho CRM’s Android app just got a useful upgrade. You can now share records, upload yourAdd Custom Field Inside Parts Section
How to Add Custom Field Inside Parts Section in Workorder like Category and Sub- CategoryWhat is New in CRM Functions?
What is New in CRM Functions? Hello everyone! We're delighted to share that Functions in Zoho CRM have had a few upgrades that would happen in phases. Phase 1 An all new built-in editor for better user experience and ease of use. ETA: In a couple of days.Next Page