Security Policies - Overview | Admin Guide - Zoho Directory

Security policies - Overview

General Info: The Free plan allows only the defaut security policy. The Standard plan allows up to 5 additional security policies.
Security policies are a set of customizable rules that govern how your users can authenticate themselves. They consist of four components:
  1. Password policy: This component dictates how strong the users' passwords must be and how often they have to be renewed.
  2. MFA: This component dictates which multi-factor authentication modes the user can use to sign in.
  3. Allowed IPs: This component dictates which IP addresses the user can use to sign in. Any sign-in requests from IPs that aren't allowed will be denied.
  4. Session management: This component dictates how many active sessions a user can have, and for how long.
Security policies in Zoho Directory are highly customizable as the strictness of the policy should depend on each user's privileges and responsibilities. For example, a Sales Representative might only need a fairly safe password policy, while a Payroll Manager might need a very strong password policy and MFA. A Sysadmin with access to the organization's directory will need maximum security, and should probably only be allowed to sign in from an allowed IP address.

You can configure multiple security policies and apply them to different groups based on your requirements. To learn more about how security policies are applied when a group has multiple policies, check Policy Priority.

    Zoho DataPrep Personalized Demo

    If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

    Zoho CRM Training

      Create, share, and deliver

      beautiful slides from anywhere.

      Get Started Now

              Zoho CRM Training Programs

              Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

              Zoho CRM Training

                Zoho SalesIQ Resources

                    Zoho TeamInbox Resources

                              Zoho DataPrep Resources

                                Zoho DataPrep Demo

                                Get a personalized demo or POC

                                REGISTER NOW

                                  Design. Discuss. Deliver.

                                  Create visually engaging stories with Zoho Show.

                                  Get Started Now

                                                        • Related Articles

                                                        • Configure allowed IPs

                                                          Whitelisting IP addresses prevents unauthorized access and strengthens your organization's security. Once this is configured, you will only be able to access your organization from the allowed IP addresses. To configure allowed IPs: Sign in to Zoho ...
                                                        • Reorder policy priority

                                                          Since multiple policies can be added to a group, policy priority plays an important part in deciding which policies will be applied to a user. Let's look at an example to understand policy priority. The group "Weekend Shift" has four members: Amelia, ...
                                                        • Configure password policy

                                                          Passwords are the most commonly used authentication factor. Many users re-use the same, insecure password for all their online accounts, compromising their organization's security. To protect yourself from this common pitfall, make it mandatory for ...
                                                        • Configure session management

                                                          A web session refers to an authenticated instance of your Zoho Directory account. To put it simply, a web session is created every time you sign in to your account from a browser or device, and is closed when you sign out. Signing in from your laptop ...
                                                        • Manage security policies for users

                                                          Apply a security policy for a single user Sign in to Zoho Directory , then click Admin Panel in the left menu. Go to Users, then click on a user. Click Security Policies, then click either Add User to Policy or Exclude User from Policy. Disable MFA ...



                                                        Watch comprehensive videos on features and other important topics that will help you master Zoho CRM.


                                                        Download free eBooks and access a range of topics to get deeper insight on successfully using Zoho CRM.


                                                        Sign up for our webinars and learn the Zoho CRM basics, from customization to sales force automation and more.

                                                        CRM Tips

                                                        Make the most of Zoho CRM with these useful tips.

                                                          Zoho Show Resources