5 ways to secure your Zoho One organization
In observance of National Cyber Security Awareness Month, we'll discuss all the ways you can protect your Zoho One organization in this article.
1. Monitoring incidents
The first step in securing your organization is monitoring and identifying your weaknesses and vulnerabilities. Zoho One's new Dashboard is a handy tool that identifies threats faced by your organization. The Sign-in Details graph lets you assess the sign-in attempts of all users, the location and time of the attempt, and even the device used for signing in.
The Dashboard has already helped our users understand the threat to their organization's security and the tools they have to combat it. Here is some of their feedback:
- I really love these new reports! I have browsed the reports, and I am seeing 1,585 failed login attempts in the past 7 days, most of them from outside the country. This is bringing a lot of insight and helping to educate users about security. - Christophe Mendéz, Operations Director - MZ Consultants
- Great update! One of the most interesting things I have seen is the number of failed logins from around the world. Thankful for MFA [multi-factor authentication]. - Gordon Mankelow, Business Technology & Zoho Specialist - Relativity Limited
- SPOT ON! Many customers don't bother [turning on MFA], but I believe it is essential. That said, in my list of failed logins are numerous IMAP logins from abroad. - Matt Koopmans, Founder & Director - Aurelian Group
Once you know where your problems lie, you can start fixing them. Learn more about dashboard and reports.
2. Access management
According to the 2019 Verizon Data Breach Investigations Report (DBIR), 34% of breaches occur due to internal actors, and most of these internally-caused incidents are not intentional. They are merely user errors. This highlights a need for stricter access management—the tighter the user access control, the fewer vulnerabilities for malicious parties to exploit.
A common pitfall for most of our users is enabling all the apps in their Zoho One bundle right away and granting everyone access to them. Use the Applications tab in Zoho One to ensure that only the right people have access to the right tools. For example, your support agents wouldn't need access to Zoho Books or Zoho Campaigns. Invest some time into auditing and managing your users' access.
Continuous access management with Zoho One
Regularly auditing your users' access and making changes manually might be infeasible in the long run. This is why we suggest you use Conditional Assignments in Zoho One. Conditional Assignment can automatically assign apps to existing and future users based on rule-based conditions. You can configure a condition to assign specific application roles to specific users, further fortifying access-based security. Learn more about Conditional Assignment.
Secure, trusted access points
Speaking of access management, securing physical access is just as important as securing digital access. We strongly suggest you make use of Zoho One's Allowed IPs feature to prevent malicious parties from gaining access to your organization. This feature follows the positive security model and allows your users to access their Zoho One accounts only from secure and trusted IP addresses. Learn more about Allowed IPs.
3. Secure delegation
The Verizon DBIR goes on to explain that the leading reason for security incidents is Privilege Misuse, which includes Unauthorized Access. Although "unauthorized access" sounds like complicated technical jargon, it is a simple concept—people signing in to accounts they shouldn't be signing into, often using credentials they obtain by unofficial (although not illegal) methods. A good example is a Zoho One Organization Owner sharing their credentials with an HR Manager, enabling them to add new employees to the organization. Even if the reasons behind the action are innocent, it leads to serious long-term problems.
If you find yourself in a situation where you need additional people operating your Zoho One organization, we strongly suggest that you use Zoho One Admins and App Admins to securely delegate responsibilities. Learn more about Admins.
4. Single sign-on
When talking about single sign-on (SSO), people tend to focus on convenience and ease-of-use. However, the biggest advantage of SSO is security. Not only does it eliminate the use of multiple passwords and the horde of problems they bring, it also follows the SAML 2.0 standard, ensuring only your users can access your applications. Learn more about using Zoho One as a SAML IdP.
5. Policy-based MFA
Using multi-factor authentication (MFA) is the first piece of advice given to organizations by almost every security expert. The only downside of MFA is that the more secure your authentication factors are, the harder they are to use. For example, using a hardware authenticator like Yubikey (which Zoho One now supports) is highly secure, but hard to use as it involves maintaining an additional hardware device. On the other hand, SMS-based OTPs are easy to use as they're tied to your mobile number, but they are considered the least secure form of MFA.
One way to handle this duality is through Zoho One's Security Policies. We suggest you create multiple security policies with varying degrees of security, and apply them to users based on their risk factor. Ask yourself which employees are handling your organization's most sensitive data. For example, Systems Admins or Payroll Managers may need stricter security policies than Sales Agents and Marketers. Learn more about Security Policies.
Now that you know the purpose of the different ways you can protect your Zoho One organization, we hope you'll be able to monitor and manage your security better! Happy National Cyber Security Awareness Month, and feel free to share your feedback in the comments section.
Access your files securely from anywhere
Zoho Developer Community
New to Zoho LandingPage?
Zoho LandingPage Resources
New to Zoho Survey?
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Bigin?
Topic Participants
Ahilesh K
Sticky Posts
How to Add Users to your Organization in ZohoMail?
A better clarity so you can create other users to start using Zoho Mail. You can directly Add Users from the Control Panel to your Organization. You can invite users with the existing email address. If the person (user) already uses ZohoCRM, then you can import users from Zoho CRM. You can also import them using a .csv file. (if you are planning to add them in Bulk) In this topic, We will be discussing on how to Add and Invite users only. The Import options are self explanatory. ____________________________________________________________________________________________________________
New to Zoho TeamInbox?
Zoho TeamInbox Resources
Zoho DataPrep Resources
Zoho CRM Plus Resources
Zoho Books Resources
Zoho Subscriptions Resources
Zoho Projects Resources
Zoho Sprints Resources
Qntrl Resources
Zoho Creator Resources
Zoho Campaigns Resources
Zoho CRM Resources
Design. Discuss. Deliver.
Zoho Show Resources
Get Started. Write Away!
Writer is a powerful online word processor, designed for collaborative work.
Zoho CRM コンテンツ
-
オンラインヘルプ
-
Webセミナー
-
機能活用動画
-
よくある質問
-
Ebook
-
-
Zoho Campaigns
- Zoho サービスのWebセミナー
その他のサービス コンテンツ
Nederlandse Hulpbronnen
ご検討中の方
Recent Topics
Calculate months and years between 2 dates on subform
I am looking for a function syntax for an employment candidate to calculate the number of years and months (decimal format. eg 1.2 years) they are employed. I have their start date entered, but if the end date is blank, that tells me they are still employedCombine related grouping values into categories in CRM analytical components
Hello everyone, Analyzing large datasets can be challenging when dealing with numerous individual data points. It's often difficult to extract meaningful insights when information is scattered and ungrouped. To address this, we're adding options to createHow Kiosk Studio can simplify sales for bank employees | Kiosk Studio Session #4
Hello everyone, Banks can boost revenue by cross-selling to their current customers. For example, they can sell credit cards, personal loans, and more to existing account holders. To do this, bank employees move all around the CRM, open and close records,Tip #19 - Create checkbox tracker in your spreadsheet
Hello Sheet users! We are here with yet another tip to help you get the most out of Zoho Sheet. Spreadsheets can be used to handle a variety of tasks, but ever tried using checkboxes to track the progress of your action items dynamically? Here's a sampleIntegrate Oracle with ZOHO CRM
Please let me know if its possible to Integrate Oracle with ZOHO CRM. If yes then help me in doing it.UUIDs
Has anyone coded a Universal Unique Identifier (UUID) generator in Deluge?Introducing signer groups: Streamline signature collection and make it even faster
Hello everyone, We're excited to introduce signer groups, a feature designed to make your signing process quicker, more efficient, and collaborative. With signer groups, you can send an envelope to a group of people, and any member of the group can openCalendar - Recurring Event - End of Month and Last Weekday of Month
How do I set a calendar event to recur on the last day of every month? How do I set a calendar event to recur on the last weekday of the month?Duplicate Zoho Invoices and Sales Receipts
We have been running into an issue where upon saving an invoice or a sales receipt, we get a duplicate: same information saved twice but with a different invoice id/number and sales receipt id/number. I have logged a ticket but so far no response. ItIntroducing revamped Zoho Creator Developer Console—a powerful platform for developing and distributing apps
Hello everyone! We're thrilled to announce the launch of the revamped Zoho Creator Developer Console—a dedicated platform designed specifically for Creator developers and Partners to build, test, and distribute apps to your clients. Developer ConsolePhone App of CRM doesn't find contacts
I open the crm to and do a contact search but nothing comes up. If I do a full zia search it will find an old note that is attached to a contact and I can open the contact. BUT I still can't enter notes of calls, set appointments, etc. It requests I go[Product Update] Deprecation of 'Inbound Transport Details' module in Zoho Analytics - Amazon Seller Central integration
Dear Customers, Please be informed that the Amazon Seller Central will be deprecating the 'Inbound Transport Details' module APIs effective December 20, 2024. As a result, this module will no longer be supported in the Amazon Seller Central - Zoho AnalyticsIs there any support for Drivers license and other forms of ID scanning capabilities?
When scanning a drivers license barcode for data input to a Form, the scanning tool receives all the raw data but there doesnt seem to be a function to limit or remove the unnecessary fragmrnts, like a prefix. Is there any support or info in the helpExciting Update: Multi WhatsApp Business Account (WABA) Support Now Available in SalesIQ!
We’re pleased to share an important update that will enhance the way you manage your WhatsApp Business accounts (WABAs) within SalesIQ. With the launch of Multi WABA support, you can now connect and manage multiple brands more effectively, each underGravity Forms plugin not passing some fields
I use the gravity form zoho plugin to push data from my lead form into my lead page in Zoho CRM. Everything was working file for about 6 months. Suddenly on Oct 1st, some of the fields are no longer getting passed to Zoho. The fields with the problemCan't delete bank transactions (i changed from 14 days trail to free just now)
Hi, I manually added one bank transaction When i try to delete it, it say below: What should I do?Feature Request: Search in the PC client. Some thoughts about the search.
Hi all. I'm really excited to start using Zoho Notebook, but I'm missing some of the search capabilities on my desktop. There are also some thoughts on improving search in general. Search is very important to me, without it it is difficult for me to useLeave Policy for Brazil
Hi, Brazil asked us to configure Zoho People to apply the following policy: · To block starting vacations 2 business days before holidays or weekends; Employees cannot start their vacations 2 days before holidays or weekends. Example: If December 25thAdding date field to each individual Items when creating Invoices?
When adding items into an invoice I need to be able to have a date for each item. Example below: Date Item Description Qty Rate Discount(%) Tax Amount 31/07/13 Brown Sugar Performance 1.00 3,000.00 0.00 10% $3300 Is this possible or will it be in theAuto-Create OneDrive Folder Structure Upon Lead Creation
Hello, New to Zoho and looking for help on a critical process automation I'm looking to implement. My company currently utilizes OneDrive for file management and the folder structure is Proposals -> Client Name -> Address (where I need to initially createProfile Page View Customization
I need to change the fields, sections from the profile view of an emplyoyee.What do the Image Sizes mean in Zoho CRM Email Templates?
Below you can see the image options in email templates: Banner, Fit, Small, Medium, Original, Custom. Can someone from Zoho please share with me: What each is/means? How each will look on desktop AND mobile? How to edit "custom"? If I choose "Custom"Translate any published presentation to the language of your choice
As part of our constant effort to enrich your presentation experience, Zoho Show has rolled out a new feature for translating published presentations. Consider the following scenario: Zylker IT services, a multinational corporation, has announced productBlueprint: multi-select lookup field not available in the criteria option
I read this old forum post which stated that multi-select lookup fields are now selectable as an option in a Blueprint transition configuration: https://help.zoho.com/portal/en/community/topic/blueprint-multi-select-lookup-field-not-available-within-blueprint-transitionApply Credit Note Automatically
We need the ability to apply open Credit Notes toward invoices generated by recurring invoice as the first, priority payment. This should be an option that we can enable/disable in the recurring profile and/or the Credit Note. Other invoicing systems can do this. I'm not sure why Zoho Invoice doesn't have it. Here's an example for a Recurring Invoice... If a customer has open Credit Notes, and a saved credit card set for auto-pay, once an invoice goes out, the credit balance gets automatically appliedWorkflow for "Expenses" module?
Hi there, over the last 2 years, Zoho Expense has seen tremendous growth and we are happy with it. But, sometimes it is frustrating to see things are being implemented halfheartedly, or so it seems. For example, There is the possibility to create workflowsRecord Template - Conditionally printing sections
Is there a way to conditionally print a section of a Record Template? More specifically I am printing records from a Form "Invoice". That Form has 3 SubForms. I'd like to print the content of those SubForms using a Record Template but only if they have at least one line item. If they have no line items, I'd like to hide the headers for that section on the printout.User can choose the PDF report
Hi. I would like to find out if a user (Creator or customer portal) to choose from the different PDF customised reports that have been built?Query table pull last 12 months
I am tying to pull the following criteria and the date is always what causes me the issue. I want to pull people (pco_id) who have entries of "event_id" being these 2 events and whos "kind" is Regular or Guest and where the event_starts_at (date column)PLEASE FIX Search options and consider a Global seach option
A recent update has removed the ability to search for addresses and phone numbers under contacts. We cannot find where this moved to (If it is still available). Please put these options back as we cannot locate specific projects anymore. Also please consider allowing for a Global search. This would really improve the search engine. For example: If I search for "Sally Jones" then all invoices , estimates, vendors etc.. would populate.. Please let me know if you need any more information. Thank You....Customize your calendar based on personal preferences
Greetings, We're happy to introduce a few new capabilities to the Activities module's Calendar View! Now you can tailor your calendar's appearance and notification settings to suit your needs. In the past, the Calendar View lacked customization optionsBUG ALERT: Client Script + Commands -> $Page contextual data is not updated
When using the new Client Script Commands feature, there is an issue with the Client Script $Page contextual data not accurately being updated each time a Command is run. Assuming a Client Script Command called "Client Script Command Bug" with the followingShow iFrame of related List inside of Blueprint Transition
Hey, is it possible to show an iFrame of a related list like this inside of a Blueprint transition?Lookup Fields not Converting
I manage holiday properties. I have a lookup to the Accounts (Properties) in the Leads module. The lookup is connected to the property address field. When I convert it the lookup field does not update in Deals, although the property address does. There2024: A Year of Transformation with Zoho Forms
As we close the curtain on another exciting year, it’s time to reflect on the strides Zoho Forms has taken in 2024. From empowering businesses with advanced tools to simplifying workflows and enhancing user experiences, our updates this year were allStop selling out of stock Items.
Hi I have been using Zohobooks for a around 8 month now. I am not involved in selling process but my staff cant stop selling product which they do not hold in stock, this is a big headache for me as physical count never matches what is shown on the books.Bigin API Token Request ("invalid_client")
Hi people, I tried to connect to the API without success, I've read all of the documentation multiple time and tried just about everything. I tried to do it with Python Request module and with Postman, passing the information through both the URL parameterCustomer Happiness not clickable when using API
Is there a way to automatically add the Customer Feedback links when generating email drafts via the API? Currently, the feedback links are only added when generating an email draft using the UI. I tried using the endpoint described in https://desk.zoho.com/DeskAPIDocument#CustomerFeedback#CustomerFeedback_GetthecustomerfeedbackplaceholderlinkSend To Zoho Sign not Showing
The button send to Zoho sign is not showing on my Zoho CRM . Is there additional steps I need to take after installing Zoho Sign to CRM ?How to Get An Image's URL once it's uploaded to library?
I manage to find URLs to the images I uploaded to my library, but after a day, it seems the links stop working like its only temporary. Where can I find the ACTUAL solid URL for my images that I upload to my Library so I can use them for my custom template / HTML coded template? Thanks, MacNext Page