Feature update: Advanced security settings

Feature update: Advanced security settings

We've previously written about how using security policies could be beneficial for admins. To enable you to better protect your organization, we've come up with a few additional settings for security policies in Zoho One that can be used to regulate your users' web sessions.

What are web sessions?

A web session refers to the period of time you stay signed in to your Zoho One account. You create a new web session every time you sign in to Zoho One (or any of its included apps), and this session exists until you sign out.

Why is session management important?

Although defining web sessions is easy, managing them isn't. As end users, we often create new web sessions (and forget them) without even realizing it. Today, everyone has at least two devices and uses at least two browsers (and a few in-app mobile browsers) in each of those devices. On top of this, we often use a friend or relative's device to type out a late-night email or reply to a colleague's message. Every time we sign in to our account on these various browsers, we end up creating concurrent web sessions. However, we rarely sign out of these sessions manually, resulting in unaccounted sessions.
These unaccounted sessions could expose your organization's data to insecure devices or software, and consequently to malicious parties.

How to use session management to mitigate these threats?

As an admin, you can now enforce a secure session management policy for your entire organization using these three settings:
  • Session lifetime
  • Idle session timeout
  • Concurrent sessions

Regulating session lifetime

Session lifetime refers to the maximum period of time a user can stay signed in on a browser or device before being forcefully signed out of it. If your session lifetime is set as 30 days, you'll be signed out 30 days after signing in to your account, even if it is on a browser or device that you use everyday.

Setting up idle session timeout

Idle session timeout refers to the maximum period of time users can sign in and stay inactive on a browser or device before being forcibly signed out of it. For example, assume your idle session timeout is set as three hours. If you spend more than three hours away from Zoho One, you'll be automatically signed out.

Limiting concurrent sessions

Concurrent sessions refer to multiple sessions present in different browsers or devices at the same time. For example, you might be signed in to your account on your laptop as well as your mobile at the same time. Or you might be signed in on two different browsers in your laptop at the same time. Limiting the number of concurrent sessions you're allowed to have will protect you from creating too many unaccounted sessions. Once you reach the maximum number of sessions, you'll be forced to clear your older sessions, thereby signing you out of all other sign-ins.

Besides enforcing these settings through security policies, you can also use the Account Activity subtab in a user's information screen to monitor and manage an individual user's active sessions.
To learn more about configuring session management, go through our Knowledge Base article on it.


We hope this was useful. Have any thoughts or questions about the new feature? Drop a comment, and we'll discuss.


    • Sticky Posts

    • Feature update: Advanced security settings

      We've previously written about how using security policies could be beneficial for admins. To enable you to better protect your organization, we've come up with a few additional settings for security policies in Zoho One that can be used to regulate your users' web sessions. What are web sessions? A web session refers to the period of time you stay signed in to your Zoho One account. You create a new web session every time you sign in to Zoho One (or any of its included apps), and this session exists


          Zoho TeamInbox Resources

            Zoho DataPrep Resources


                Zoho CRM Plus Resources

                  Zoho Books Resources


                    Zoho Subscriptions Resources

                      Zoho Desk Resources

                        Zoho Projects Resources


                          Zoho Sprints Resources


                            Zoho Orchestly Resources


                              Zoho Creator Resources


                                Zoho WorkDrive Resources




                                    Zoho Campaigns Resources

                                      Zoho CRM Resources

                                                    Design. Discuss. Deliver.

                                                    Create visually engaging stories with Zoho Show.

                                                    Get Started Now


                                                      Zoho Show Resources


                                                        Zoho Writer Writer

                                                        Get Started. Write Away!

                                                        Writer is a powerful online word processor, designed for collaborative work.

                                                                  有料プランをご利用の方