Data Center 

Where are your data centers located?

Zoho's data centers are located in the following regions: 

• United States (US)
• European Union (EU)
• India (IN)
• Australia (AU)
• China (CN)
• Japan (JP)
• Canada (CA)
• Saudi Arabia (SA)
• United Arab Emirates (UAE)

Each of these DCs serve a specific set of countries. For detailed information on the countries they service, please visit our Know Your Data Center page.

What compliance certifications do Zoho’s data center have?

We host your data in best-in-class data centers across the globe. Each of these facilities holds a distinct set of compliance certifications. The certifications listed below are as of June 2025, and we continually work to expand our compliance to meet evolving industry standards.

Are there any restrictions on concurrent usage? Can your data centers handle high volumes of traffic?

No, there are no restrictions on concurrent usage. To ensure high availability and scalability, Zoho utilizes a shared cluster model supported by multiple application servers. These servers are organized into Application Groups, with each group handling specific functionalities. The platform auto-scales workloads within each cluster, both horizontally and vertically, to handle high traffic across all customers efficiently.

What mechanisms have been implemented to physically secure the data center and sites?    

We control access to our resources (buildings, infrastructure, and facilities), where accessing includes consumption, entry, and utilization, with the help of access cards. We provide employees, contractors, vendors, and visitors with different access cards that restrict access specifically to the purpose of their entrance into the premises. The Human Resource (HR) team establishes and maintains the purposes specific to roles. We maintain access logs to spot and address anomalies. 

At our data centers, a co-location provider takes responsibility for the building, cooling, power, and physical security, while we provide the servers and storage. Access to the data centers is restricted to a small group of authorized personnel. Any other access is raised as a ticket and allowed only after the approval of respective managers. Additional two-factor authentication and biometric authentication are required to enter the premises. Access logs, activity records, and camera footage are available in case an incident occurs. 

We monitor all entry and exit movements throughout our premises in all our business centers and data centers through CCTV cameras deployed according to local regulations. Back-up footage is available up to a certain period, depending on the requirements for that location. 

What are the Environmental Security Controls present in the cloud DC?

We have implemented various physical and environmental controls at our facility, including temperature regulation, continuous monitoring, energy management, and physical security.

As a proactive measure, we have also established a secondary data center to minimize the impact on operations in the event of severe environmental hazards—such as floods, tornadoes, earthquakes, hurricanes, or similar events—affecting the primary data center.

How do you ensure availability of information processing facilities in the event of a disaster? (e.g. multiple data centers, hot sites, cold sites)    

Application data is stored on resilient storage that is replicated across data centers. Data in the primary DC is replicated in the secondary in near real time. In case of failure of the primary DC, the secondary DC takes over and the operations are carried on smoothly with minimal or no loss of time. Both the centers are equipped with multiple ISPs.

We have power back-up, temperature control systems, and fire-prevention systems as physical measures to ensure business continuity. These measures help us achieve resilience. In addition to the redundancy of data, we have a business continuity plan for our major operations, such as support and infrastructure management.

Are fire suppression and power backup systems compliant with industry standards?

Yes. Our data centers are equipped with industry-standard fire suppression systems, redundant power backup, and climate control measures to ensure operational resilience and business continuity. Our data centers can operate for up to 72 hours using a Genset generator in the event of a power outage

These systems are regularly tested and maintained as part of our Business Continuity and Disaster Recovery (BC/DR) strategy. We also conduct periodic DR drills to validate the effectiveness of these measures and ensure compliance with best practices for infrastructure safety and reliability.

Are Disaster Recovery (DR) drills performed at least annually to prove data center recoverability? 

Yes, we conduct planned Disaster Recovery (DR) drills annually to validate data center recoverability. 

Do you provide an active-active configuration between the primary and failover site?

Yes. We use a hot-site (active-active) configuration, allowing seamless failover and minimal service disruption in the event of a failure at the primary site. Data from the primary data center is continuously replicated to the secondary data center, which serves a read-only version to ensure availability during disruptions.

Are you aligned with any green data center or sustainability initiatives?

Yes. We have implemented green data center practices by designing our infrastructure to maximize energy efficiency and minimize environmental impact. 

Our systems include energy-efficient cooling, power management, and hardware optimization strategies. Wherever possible, we also source renewable energy and adhere to sustainable operational practices to reduce our carbon footprint. 
To learn more about our commitment to sustainability, visit our ESG page.

Which anti-malware/EDR solution installed on the servers are present in the cloud/data center where your application is hosted?    

We take proactive measures to ensure the safety of user data and prevent the spread of malicious content. Our proprietary anti-malware engine, enhanced with machine learning capabilities, provides robust protection by adapting to emerging threats in real-time. All user files are scanned using our automated malware detection system, which is regularly updated with threat intelligence from external sources. This system checks files against known malicious signatures and suspicious patterns.

To combat spam and email spoofing, Zoho supports Domain-based Message Authentication, Reporting, and Conformance (DMARC), which works in conjunction with SPF and DKIM to verify the authenticity of messages. Additionally, we use our in-house detection engine to monitor and prevent abuse, including phishing and spam activities.

A dedicated anti-spam team continuously monitors system signals and responds to abuse reports to maintain the integrity of our platform.

How are patches being regularly applied on servers present in the cloud/data center?

We use a centralized patching tool within our corporate network to deploy relevant patches, hotfixes, and security updates to all laptops and workstations. Our production instances are updated in accordance with our established patch management policy, ensuring timely application of security and system patches.

Is user access restricted and controlled, with limited permissions to data, configuration settings, and services within your cloud account or data center?

We have a well-defined access control policy that aligns with business needs and information security/privacy requirements. Technical controls and internal policies are in place to prevent unauthorized access to customer data by employees. Access is governed by the principles of Need-to-Know and Need-to-Use, ensuring data is accessible only to those who require it for their roles.

We enforce the principle of least privilege and implement role-based access controls (RBAC) to minimize data exposure risks. All access to information systems requires proper approval from authorized personnel. Access rights are promptly revoked in cases of role changes or employee termination.

Additionally, multi-factor authentication (MFA) is required for remote access and access to critical systems, enhancing the overall security posture.

What policies are configured for restricting customers' Personally Identifiable Information (PII) leakage from the cloud / data center services?    

Strict access control policies are enforced, ensuring that permissions to access or modify sensitive data are granted only to authorized personnel, in accordance with the principle of least privilege. All sensitive operations are logged in an audit trail, which helps detect and alert on potential data leaks or exfiltration attempts. Additionally, sensitive information and user-uploaded files are encrypted at rest to ensure robust data protection.

Is communication with your data center secure?    

All customer data transmitted over public networks to our servers is secured using strong encryption protocols. We enforce the use of Transport Layer Security (TLS 1.2/1.3) with strong ciphers across all connections, including web access, API calls, mobile apps, and IMAP/POP/SMTP email client access.

This ensures high levels of security by authenticating both parties involved in the connection and encrypting all data in transit.

For email communications, our services leverage opportunistic TLS by default. This allows encrypted email transmission between mail servers that support the protocol, effectively mitigating the risk of eavesdropping during delivery.

Are privileged user access rights provided on your infrastructure (cloud or data center) reviewed periodically?

Yes. Privileged access rights are reviewed every six months and additionally on an as needed basis. 

Is VPN required for accessing the production cloud or data center workloads where the production application is hosted?

Yes. VPN access is required to securely access production workloads hosted in our cloud or data center environments.

Does Zoho Creator support on-premise deployment?    

Yes, Zoho Creator is available in both cloud and on-premise versions.For detailed information, visit our on-premise page.

We also support hybrid deployment, where you can build and manage your applications in the cloud while hosting them in your preferred environment. For detailed information, visit our hybrid hosting page.

Data Storage, Transmission, and Protection

How and where is the data stored and protected?

Data Storage:
Zoho hosts your data in state-of-the-art data centers around the world. When you sign up for Zoho, you can select your preferred country, which helps determine the location of your data center. The country is automatically selected based on your IP address to make the process easier. Based on this selection, your account is hosted in the corresponding data center, ensuring localized storage for better compliance and performance.

Data Protection:
Zoho ensures a high level of data protection by encrypting data at rest using AES-256 encryption. Sensitive data is further safeguarded through Zoho’s in-house Key Management Service (KMS). To enhance security, master and encryption keys are stored separately, maintaining the confidentiality and integrity of your data. This multi-layered approach helps make Zoho’s data storage both secure and reliable.

For specific details on how data is encrypted and protected in Zoho Creator, please refer to the Zoho Creator Encryption Page.

Data Center Security and Access Control:
Our data centers are managed by a co-location provider who handles the building infrastructure, cooling, power, and physical security. We are responsible for providing the servers and storage.

• Access to data centers is restricted to a small group of authorized personnel.
• Any other access requests are processed through a ticketing system and require manager approval.
• Two-factor authentication and biometric security are required to enter the premises.
• Access logs, activity records, and camera footage are maintained to monitor any incidents.

Monitoring:
We actively monitor all entry and exit movements within our data centers and business premises. This is done through CCTV cameras installed in compliance with local regulations. Backup footage is retained for a specified period based on location requirements, ensuring thorough monitoring and swift incident resolution.

For more details, visit Zoho's Datacenter and Security pages.

Is the data stored in database and/or transmitted in encrypted form?

Yes, Zoho Creator uses encryption both at rest and in transit, ensuring that your data remains protected at all times.

Data Encryption In Transit

All customer data transmitted over public networks to Zoho servers is secured using strong encryption protocols. Zoho mandates the use of Transport Layer Security (TLS 1.2/1.3) with strong ciphers for all connections, including:

• Web access
• API access
• Zoho mobile apps
• IMAP/POP/SMTP email client access

This ensures secure communication by authenticating both parties and encrypting transferred data.

Additional Security Measures:

• Opportunistic TLS for Emails: Ensures encrypted email transmission when supported by peer servers.
• Perfect Forward Secrecy (PFS): Prevents past communications from being decrypted, even if security is compromised in the future.
• HTTP Strict Transport Security (HSTS): Enforces encrypted connections for all web traffic.
• Secure Authentication Cookies: Flags all authentication cookies as secure to prevent unauthorized access.

Data Encryption At Rest

Sensitive customer data stored in Zoho Creator is encrypted using the 256-bit Advanced Encryption Standard (AES). The encryption at rest varies depending on the services used.

Zoho maintains encryption keys through its in-house Key Management Service (KMS). Additional layers of security are provided by encrypting data encryption keys with master keys, which are physically separated and stored on different servers with limited access.

Additional Encryption Options in Zoho Creator

Field-Level Encryption

• Certain fields in Zoho Creator allow an additional layer of encryption to protect sensitive, confidential, or personally identifiable information (PII).
• You can enable Encrypt Data in the Field Properties to secure fields capturing sensitive data. For detailed information, visit our data encryption for fields document.

• ePHI (Electronic Protected Health Information) refers to protected health data that is created, stored, transmitted, or received electronically.
• In Zoho Creator, you can enable Contains Health Info in Field Properties within the Form Builder to classify fields as ePHI. Permissions can be controlled to determine which users can view or access ePHI fields within the application settings.

Report-Level Data Masking

• Encrypted fields in Zoho Creator can be masked in reports, ensuring sensitive data remains hidden from unauthorized users.
• Role-based access control (RBAC) and permission sets allow admins to manage visibility of encrypted fields for different users.

BYOK for Encryption

Zoho Creator supports BYOK, allowing you to use your own Key Encryption Key (KEK) instead of Zoho’s default KEK. You can integrate keys from an external Key Management System (KMS) such as Thales, or use your own custom key.
Learn more about BYOK in Zoho Creator.

For detailed information, visit our encryption page and the encryption in Zoho Creator.

What types of sensitive data are masked to protect user privacy?

Sensitive data stored in Zoho Creator, including Personally Identifiable Information (PII), such as names and email addresses, as well as Electronic Protected Health Information (ePHI) like health-related data, is thoroughly masked to protect privacy and ensure security.

Encrypted Data Masking in Reports

• Encrypted fields in Zoho Creator can be masked in reports, ensuring that sensitive data remains hidden from unauthorized users.
• Role-based access control (RBAC) and permission sets allow administrators to manage the visibility of encrypted fields, restricting access to sensitive data based on user roles and permissions.

This comprehensive approach to masking guarantees the confidentiality and integrity of user information, ensuring that only authorized users have access to sensitive data when needed.

Is my data stored in my region?

Zoho ensures that your data is stored within the region relevant to you. When you sign up, you are automatically assigned to the data center (DC) that serves your country. Both the primary and secondary locations of your assigned data center are within the same region, ensuring that your data remains within the region you selected.

During sign-up, you will be asked to choose your country, and the field is pre-populated based on your IP address for your convenience.

For more information about data center locations and how your data is handled regionally, please visit our Know Your Data Center page.

Do you maintain backups of my data? Where is the backed up data stored?

Yes, we maintain regular backups of your data. The backup data is securely stored within the same data center and encrypted using the AES-256 bit algorithm to ensure its protection. The backups are saved in tar.gz format and retained for a period of three months.

Zoho Creator also provides in-product backup capabilities, allowing users to manually generate and download backups of their applications and data. These backups can be stored locally for additional security and recovery options.

For detailed information, visit our backup and restoration page.

Is the backed up data encrypted?

Yes, all backed-up data is encrypted to ensure security and confidentiality. We use AES-256 encryption to protect backup data stored in our data centers, preventing unauthorized access.

We run incremental backups daily and full backups weekly for our databases using the Zoho Admin Console (ZAC) across Zoho's data centers. Backup data is stored in the same location in tar.gz format and is retained for three months. If a customer requests data recovery within this retention period, we restore the data and provide secure access. The timeline for restoration depends on the size of the data and the complexity of the request.

To further enhance data safety, we utilize a Redundant Array of Independent Disks (RAID) on backup servers, ensuring reliability and fault tolerance. All backups are scheduled and tracked regularly. In the event of a failure, an automatic re-run is initiated and immediately resolved. The ZAC tool also performs integrity and validation checks on full backups to maintain data consistency.

For additional protection, we strongly recommend that customers schedule regular backups by exporting their data and storing it in their own infrastructure. Learn more about application backup here.

How do you ensure my data is securely separated from other customers' data?

Zoho operates on a multi-tenant architecture, where your data is stored alongside other customers' data. However, we ensure your data remains securely isolated through logical segregation within our service data storage. Our infrastructure efficiently distributes and manages cloud resources while employing secure protocols to maintain the logical separation of each customer's data.

Even though multiple customers share the same physical infrastructure, robust access controls and logical partitioning ensure your data is exclusive to you. Encryption, user authentication, and strict access policies prevent unauthorized access, ensuring that no customer can view or modify another's data.

These measures align with industry best practices, ensuring privacy, security, and compliance in a multi-tenant environment.

Do you have identity access control for your employees?

Yes, we implement a robust access control policy, grounded in business, information security, and privacy requirements. The primary goal of these controls is to protect sensitive information by ensuring that access to data and resources is granted only to those who need it for their specific role while preventing unauthorized access.

Our access control policy is based on two key principles: the Need-to-Know and Need-to-Use concepts. These principles help ensure that employees only have access to the information necessary for their job functions.

We employ a combination of technical access controls and internal policies that are periodically reviewed to strictly limit access to user data, following the principle of least privilege and utilizing role-based permissions. This helps reduce the risk of unauthorized data exposure and ensures that only authorized individuals can access sensitive information.

Learn more

How long is my data stored in your servers?

We store your data as long as you remain a Zoho customer. Once your subscription ends, your data will be handled in accordance with our data retention policy. Your data is securely stored on our servers for a period of three months after subscription termination. During this retention period, we prioritize your privacy and security, protecting all stored data with industry-standard encryption and stringent access controls.

At the end of the retention period, your data is securely disposed of using industry best practices to prevent unauthorized access or retrieval. For detailed information, visit our privacy policies page.

Physical and Network Security

How secure is Zoho's infrastructure? 

We host your data in our best-in-class datacenters across the globe.  Our data centers feature state-of-the-art infrastructure with robust security measures in place, ensuring a highly secure environment for your data. Here are some key points that indicate the security measures in place:

• Physical Access Controls: We have implemented strict access controls, including access cards, two-factor authentication, and biometric authentication, to ensure only authorized individuals can enter the premises.
• Access Logs and Monitoring: Access logs are maintained to track and address any anomalies, and CCTV cameras are deployed to monitor entry and exit movements.
• Network Security: Firewalls are used to prevent unauthorized access, and systems are segmented into separate networks to protect sensitive data. Regular reviews of firewall changes are conducted to ensure security.
• Encryption: Data in transit is protected using strong encryption protocols (TLS 1.2/1.3), and data at rest is encrypted using 256-bit AES. The company owns and maintains the encryption keys using its in-house Key Management Service (KMS).
• Monitoring and Incident Response: We have a dedicated Network Operations Center team that monitors the infrastructure and applications for any discrepancies or suspicious activities. Notifications are triggered in case of abnormal or suspicious activities.

Overall, the infrastructure has robust security measures in place to protect sensitive customer data.

For detailed information, visit our security whitepaper.

Do you have physical access controls in place to ensure only authorized individuals enter your premises?

Yes, At the workplace, we control access to our resources (buildings, infrastructure, and facilities), where accessing includes consumption, entry, and utilization, with the help of access cards. We provide employees, contractors, vendors, and visitors with different access cards that only allow access strictly specific to the purpose of their entrance into the premises. Human Resource (HR) team establishes and maintains the purposes specific to roles. We maintain access logs to spot and address anomalies.

• At Data Centers
  At our Data Centers, a co-location provider takes responsibility for the building, cooling, power, and physical security, while we provide the servers and storage. Access to the Data Centers is restricted to a small group of authorized personnel. Any other access is raised as a ticket and allowed only after the approval of respective managers. Additional two-factor authentication and biometric authentication are required to enter the premises. Access logs, activity records, and camera footage are available in case an incident occurs.
• Monitoring
  We monitor all entry and exit movements throughout our premises in all our business centers and data centers through CCTV cameras deployed according to local regulations. 

Do you use firewalls?

Yes, we use industry-standard firewalls to safeguard our network against unauthorized access and undesirable traffic. Our systems are carefully segmented into separate networks to ensure sensitive data is well-protected. For added security, testing and development environments are hosted in a network distinct from the production infrastructure supporting Zoho's core operations.

Firewall access is closely monitored on a strict, regular schedule. Our network engineers review all changes made to the firewall daily, and these changes undergo a comprehensive review every six months to update and refine firewall rules. In addition, our dedicated Network Operations Center (NOC) team continually monitors both infrastructure and applications for any discrepancies or suspicious activities. Using proprietary monitoring tools, we track all critical parameters, with immediate notifications triggered in the event of any abnormal or suspicious behavior within our production environment.

These layered firewall and monitoring measures help ensure the security and integrity of our systems.

How secure is your network?

Our network security is designed to be robust, well-managed, and continuously monitored to ensure the highest levels of protection for your data. Here are some of the key security measures in place:

• Regular Network Vulnerability Scans: We conduct weekly vulnerability scans using an external third-party tool, allowing us to identify potential security risks and address any vulnerabilities proactively.
• Application Penetration Testing: Every six months, we perform internal penetration tests, simulating real-world attacks to identify and address vulnerabilities in our applications.
• Access Controls: We enforce strict access controls, including physical access cards, two-factor authentication, and biometric authentication. These measures ensure that only authorized personnel can access our premises and data centers.
• Firewall Management: We use firewalls to prevent unauthorized access to our network. Our network engineer regularly reviews firewall access and all changes made to the firewall daily, with comprehensive reviews of firewall rules every six months.
• Network Segmentation: To safeguard sensitive data, we have implemented network segmentation. Systems supporting testing and development activities are hosted in a separate network from our production infrastructure, minimizing the risk of exposure.
  For wireless network security, access to the corporate Wi-Fi requires Multi-Factor Authentication (MFA). Remote access is secured further with both VPN and MFA. Within office premises, we provide a guest Wi-Fi network that is segregated from the corporate network and has no access to corporate data.
• Continuous Monitoring: Our dedicated Network Operations Center (NOC) team continuously monitors infrastructure and applications for any discrepancies or suspicious activities. Abnormal or suspicious activities trigger immediate notifications, allowing us to respond quickly.
• Encryption: To protect your data, we use strong encryption protocols such as TLS 1.2/1.3 for data in transit and encrypt sensitive customer data at rest using 256-bit AES encryption.

These measures ensure that your data remains secure at all times, with our team constantly monitoring and improving our network security to prevent unauthorized access and ensure the integrity of your information.

Do you have measures in place to prevent DDoS attacks?

Yes, we implement industry-standard from trusted and reputable service providers to prevent DDoS attacks on our servers. These solutions offer robust DDoS mitigation capabilities, effectively filtering out malicious traffic while allowing legitimate traffic to pass through. This ensures that our websites, applications, and APIs remain highly available and perform optimally, even during potential attack attempts.

Do you have a SIEM (Security Information and Event Management) tool?

Yes, We have our own internal proprietary SIEM tools to monitor and detect abnormal behavior. We monitor and analyze information gathered from services, internal traffic in our network, and usage of devices and terminals. We record this information in the form of event logs, audit logs, fault logs, administrator logs, and operator logs. These logs are automatically monitored and analyzed to a reasonable extent that helps us identify anomalies such as unusual activity in accounts or attempts to access customer data.

Disaster Recovery and Business Continuity

Do you have a disaster recovery policy? How would you manage a disaster in your infrastructure?

We have a robust disaster recovery plan in place that enables us to respond quickly and recover from disasters, minimizing downtime and ensuring business continuity. In case of failure of the primary DC, the secondary DC takes over and the operations are carried on smoothly with minimal or no loss of time. Both the centers are equipped with multiple ISPs.

We have power back-up, temperature control systems, and fire-prevention systems as physical measures to ensure business continuity. These measures help us achieve resilience. In addition to the redundancy of data, we have a business continuity plan for our major operations, such as support and infrastructure management. The DR drills are performed periodically in order to ensure business continuity.

Where is the disaster recovery site located in relation to your primary site?

Application data is stored on resilient storage that is replicated across data centers. Data from the primary data center (DC) is replicated in near real-time to a secondary DC. In the event of a failure at the primary DC, the secondary DC seamlessly takes over, ensuring minimal or no downtime.

Zoho's disaster recovery sites are strategically located in the same country but in a different geographical location from the primary data center. This ensures redundancy while maintaining compliance with regional data residency requirements.

For additional safety, data in the secondary (recovery) site is maintained in a read-only format, preventing unauthorized modifications while ensuring business continuity. Both primary and secondary data centers are equipped with multiple ISPs for enhanced reliability.

For more details, visit Zoho's Datacenter

How quickly can my data be recovered after a disaster?

In case of failure of the primary DC, the secondary DC takes over and the operations are carried on smoothly with minimal or no loss of time. Incase of database failure, Recovery Point Objective (RPO) is 30 minutes and Recovery Time Objective (RTO) is 60 minutes.

What is your RPO and RTO ?

Recovery Point Objective (RPO) is 30 minutes and Recovery Time Objective (RTO) is 60 minutes.

How do you ensure my data is always available to me?

Zoho ensures high availability of your data through multiple layers of redundancy and robust infrastructure. Here’s how:

• Redundancies at Multiple Levels: Zoho has built redundancies across various layers, including infrastructure and Internet Service Provider (ISP) levels. This ensures that if one component fails, another seamlessly takes over, minimizing disruptions to service.
• Data Replication: Data from the primary data center is continuously replicated to a secondary data center. In the event of any issues at the primary data center, the secondary data center can take over, ensuring uninterrupted access to your data. 
  Even if the primary data center faces issues, a read-only version of Zoho apps is always available from the secondary data center. This allows users to access their data, ensuring business continuity.

These measures are designed to provide consistent and reliable access to your data, even in the event of unforeseen disruptions.

Performance and SLA

How do you ensure the optimal performance of your system?

To ensure the optimal performance of our system, we have a comprehensive approach that includes proactive maintenance, monitoring, and continuous optimization.

• Continuous Monitoring and Analysis: We use advanced internal performance monitoring tools to track system performance and analyze customer usage trends. These tools allow us to identify areas for improvement, detect performance issues, and quickly address any anomalies.
• Proactive Issue Resolution: In the event of degraded performance, the system automatically triggers alerts to notify our team. This ensures that we can take prompt action to resolve any issues and restore optimal performance, minimizing any disruption to users.
• Vulnerability and Patch Management: We have a standard operating procedure for vulnerability and patch management. This involves regularly applying operating system patches and software updates to fix known vulnerabilities, prevent security risks, and ensuring that the system remains secure, stable, and up-to-date.

Through this combination of monitoring, timely updates, and performance benchmarks, we maintain a high standard of system reliability and user experience.

What is your availability SLA commitment?

Our Service Level Agreement (SLA) commitment guarantees 99.9% monthly uptime. We have implemented redundancies at various levels, from infrastructure to ISPs, to ensure uninterrupted service. Data from the primary data center is replicated to a secondary data center, where a read-only version of Zoho apps is always available. This ensures seamless access even in the event of an issue at the primary data center. You can track the service availability across all Zoho services at https://status.zoho.com/.

This uptime guarantee excludes any downtime caused by scheduled maintenance or updates, which will always be announced in advance on our online platforms. We prioritize transparency and work to ensure that any necessary maintenance does not disrupt your experience.

How do you measure the performance of your system?

We utilize advanced industry standard third-party monitoring tools that analyze customer usage trends and capture essential data to assess system performance. These tools help us proactively identify and troubleshoot any performance issues reported by customers. Additionally, if degraded performance is detected, the system automatically notifies our team, allowing us to take immediate action to resolve the issue and maintain optimal performance.

Miscellaneous 

Does your solution support mobile access and offline functionality?  

Zoho Creator applications, designed for the web, ensure seamless access across a range of devices including iPhones, iPads, and Android devices. The platform automatically takes care of responsiveness, whether users access a rebranded mobile app or access the application through Creator's native app or a mobile browser. This comprehensive approach ensures consistent usability and functionality across diverse devices, enhancing user experience. Every business or organization, when considering its mobile presence, comes across the question of whether to build a mobile app, a mobile website, or both. The answer to this primarily depends on factors such as the purpose of the mobile presence, the desired end-user experience, and the budget. The advantage of building your custom applications using Zoho Creator is that you get all this out of the box, and for free. Creator offers extensive accessibility support, compatible with the majority of web browsers, android, and iOS versions.

Access App on Web: Zoho Creator applications can be accessed seamlessly through a web browser on a desktop or laptop. Users simply need to log in to their accounts to begin working from any location.

Access app on iOS: The Zoho Creator native app for iPhone offers mobile access to all your Zoho Creator applications. The app is available for download from the App Store.

Access App on iPad: The Zoho Creator native app for iPad offers mobile access to all your Zoho Creator applications. The app is available for download from the App store.

Access app on android: The Zoho Creator native app for Android offers mobile access to all your Zoho Creator applications. The app is available for download from the Google Play Store.

Access app as Progressive Web App (PWA): PWA enables a native, app-like experience on a mobile browser. Users will be able to access your apps from any mobile device that supports browsing the internet. The minimum supported versions are Android app requires 5.1 and later version and iOS app requires 11 or later version, ensuring compatibility with most modern devices.

Rebranded mobile apps: Zoho Creator enables you to download your creator application as a separate mobile app for iOS and Android devices. This feature helps morph the functionality of Zoho Creator into an app representing the organization of the admin.

What infrastructure do I need to use Zoho Creator?

Zoho Creator is a cloud-based platform, meaning it is designed to be accessible from virtually anywhere on the go using a web browser or mobile app. To use Zoho Creator effectively, you need the following:

• Stable Internet Connection: A stable and reliable internet connection is essential for accessing Zoho Creator and ensuring smooth operation, especially when working with large datasets or engaging in real-time collaboration. While Zoho Creator does not have a specific minimum bandwidth requirement, we recommend a 4 Mbps connection for optimal performance, particularly when handling large datasets.
• Compatible Device: You can access Zoho Creator on various devices, including:

• Desktop or Laptop: Running an operating system like Windows, macOS, or Linux.
• Tablet or Smartphone: Using Android or iOS with the Zoho Creator mobile app installed for on-the-go access.

• Web Browser: For desktop users, Zoho Creator requires an up-to-date browser for optimal performance. It works best with popular browsers like Google Chrome, Mozilla Firefox, Microsoft Edge, and Safari.
  For mobile users, Zoho Creator is accessible via mobile browsers and supports Progressive Web Apps (PWAs), providing a seamless experience across devices.
  Supported Browsers

• Google Chrome version 94 or above
• Mozilla Firefox version 102 or above
• Safari version 13 or above
• Microsoft Edge version 111 or above

• Mobile App: For mobile users, the Zoho Creator app is available for download from the Google Play Store and Apple App Store. The app allows you to access your apps, perform tasks, and receive updates directly on your device. The minimum supported versions are Android app requires 5.1 and later version and iOS app requires 11 or later version, ensuring compatibility with most modern devices.
  Zoho Creator also offers native mobile apps for both Android and iOS, ensuring an optimized user experience. Additionally, mobile SDKs are available for developers who wish to build custom mobile applications using Zoho Creator's capabilities. 

Zoho Creator’s cloud infrastructure ensures you don’t need to worry about maintaining servers, updates, or backups, making it a versatile and user-friendly platform for businesses of all sizes.

Do you have an SIEM tool?

Related Help Docs

• Know Your Datacenter
• Security
• Privacy Policy
• Encryption Whitepaper

Related FAQ Pages

• Zoho Creator - Starter Guide
  
• Security and Privacy FAQ
• Security FAQs
• Privacy FAQs