Security Dashboard

Security Dashboard

The Zoho Vault Security Dashboard acts as a central command center for organizations to monitor and enhance their security posture. It offers a clear, actionable overview of potential vulnerabilities, password health, and usage patterns to proactively address risks and strengthen overall security.

Unified view for personal and organizational security

The dashboard provides a unified view, allowing a switch between My Dashboard and Team Dashboard to offer a complete perspective on both individual and organizational security.
  1. My Dashboard: This view focuses on an individual user's security habits. It helps track their personal password strength, identify any compromised credentials linked to their account, and monitor their usage patterns. It functions as a personalized security audit, ensuring their own digital footprint is secure.
  2. Team Dashboard: This is where administrators gain a comprehensive view of their organization's collective security. Administrators can monitor overall password health across departments, identify common vulnerabilities, track usage patterns, and understand the team's general security maturity. 
Notes
Note: The Team Dashboard is visible to administrators only.
To access the Security Dashboard:
  1. Log in to your Zoho Vault account.
  2. The Security Dashboard will be visible as the first tab on the left side of the interface.

Breached password detection

Zoho Vault integrates with Have I Been Pwned to scan stored passwords against a global database of known breaches. This scan is performed directly from the user's device, ensuring no data leaves their system and maintaining absolute privacy. This feature helps identify and eliminate compromised credentials before they become a threat. Learn how to enable breached password detection.

Password assessment score

The password assessment score provides a comprehensive health check on password security. It goes beyond simple strength meters by analyzing various factors to give a nuanced understanding of potential weaknesses. The dashboard instantly highlights red flags, including:
  1. Reused, old, and recycled passwords: Identifies instances where users are recycling the same password across multiple accounts.
  2. Weak passwords: Flags passwords that are too short, lack complexity (e.g., no special characters, numbers, or mixed case), or are easily brute-forced.
  3. Contains username: Pinpoints credentials that use common patterns, sequential numbers, or easily identifiable personal information.
  4. Dictionary words/usernames: Automatically detects passwords that are simply dictionary words or directly incorporate usernames, which are highly susceptible to dictionary attacks.

Password validity period

Password validity helps maintain proactive security by highlighting credentials that are nearing their expiration date. This feature helps the user adhere to security best practices by encouraging timely password updates. As an administrator, you can even nudge users to update expiring passwords, ensuring continuous adherence to your security policies and external audits. Learn more about password policy enforcement.

To set password validity:
  1. Navigate to the Settings tab.
  2. Select Password Policy.
  3. Click Add to create a new password policy, or Edit an existing one (note: the three default policies cannot be edited).
  4. Enter the policy name and other constraints.
  5. Set a timeframe under Recycle Passwords according to your preference, then click Save.

Security pros and non-compliant users  

This feature is designed to strategically encourage better security practices within a team by providing visibility into user performance:
  1. Security pros: Zoho Vault identifies and highlights the top ten users with the highest security scores. This can serve as positive reinforcement, encouraging others to follow and fostering healthy internal competition toward better security.
  2. Non-compliant users: Conversely, the dashboard lists the bottom ten users who may have lower security scores or are non-compliant with policies. This allows administrators to reach out to these individuals, offer support, and provide specific training or resources to help them improve their password hygiene, ultimately building a stronger and more secure culture across the board.

Deeper security insights  

Zoho Vault’s Security Dashboard goes beyond surface-level statistics, offering deeper visibility into password behavior that transforms raw data into actionable insights.
  1. Most accessed credentials: Helps understand which passwords are being used most frequently. This can highlight critical assets that might require additional layers of security or more frequent auditing.
  2. Password distribution across categories: Shows how passwords are organized across different categories (e.g., financial, social media, internal tools). This helps assess risk by understanding where the most sensitive information resides and if there are any imbalances or areas requiring stricter controls.
  3. Most active users: Identifies which users are most active in managing and utilizing passwords within the vault. This can help in understanding workflow patterns, identifying potential power users for training, or flagging unusual activity.