Security Enhancements | Migrate to the Updated Policies

Security Enhancements | Migrate to the Updated Policies

Hello everyone,

Zoho Directory's security policies have been updated and reorganized into three new policies with features that enhance the overall organization security. These policies provide a stronger and more secure sign-in methods and improve the user authentication experience.

Earlier, security policies comprised four dedicated components: Password Policy, Multi-Factor Authentication (MFA), Allowed IPs, and Advanced Settings. Based on these components, each group was assigned a policy that determined their sign-in process. Depending on their roles and responsibilities, the sign-in method varied and upon successful authentication, users were granted access to Zoho Directory.



With the latest update, the policies are divided into three parts: Conditional Access Policies, Routing Policies, and Security Policies.
  1. Routing Policies acts as an initial check when a user signs in. 
  2. Conditional Access Policies determines whether the user's access should be allowed or denied based on the predefined criteria.
  3. Security Policies provide you with a dedicated Password Policy and Session Settings.
Additionally, Custom Authentication has been renamed and is now a part of Routing Policies.

New Policies:



To understand how your existing policies are handled and mapped to the new policies during the migration process, click here.

Before migrating to the updated policies, quickly review how the policies are changed.

Existing Policies
Updated Policies
Password Policy
Security Policies

Password Policy is a part of Security Policy. Learn more.
Multi-Factor Authentication (MFA)
Conditional Access Policies

Multi-Factor Authentication (MFA) is a part of Conditional Access Policies.
MFA acts as an Action (Allow with MFA) under this policy. Learn more.

Allowed IPs
Conditional Access Policies

Allowed IPs is a part of Conditional Access Policies. It acts as a condition (IP address) under the policy.

Advanced Settings

1. WEB SESSION MANAGEMENT

2. LOCK PERIOD SETTINGS

1. Routing Policies

Session Lifetime and Idle Session Timeout are a part of Session Settings under Routing Policies.

2. Security Policies

Concurrent Sessions, and Lock Period Settings are a part of Advanced Settings under Security Policies.

Custom Authentication
Routing Policies

This section is renamed as Identity Providers and can be enabled via Routing Policy. Learn more.

How to Migrate?

Existing users with pre-configured policies will come across the Migration Page, which guides them through reviewing, resolving the conflicts and adopting the new policies. On this page, you will be required to complete the steps before migrating.

  1. Demo: Watch a quick demo to understand what’s changed and updated.
  2. Read the Changes: View a detailed document that outlines all the updates.
  3. New Admin Role: Configure the new admin role to replace the existing Helpdesk Admin role as it will no longer have permission to manage security operations.
    Note: This section is displayed only if at least one user is assigned to the Helpdesk Admin role.
  4. Custom Admin Role: Review the changes in the custom roles. 
    Note: This section is displayed only if a custom security role has been created and assigned to a user.
  5. Sandbox Mode: Preview the updated policies in sandbox mode before migrating
After completing these steps, you can proceed with migrating to the updated security policies.

FAQs

  1. What happens if I don't migrate? 
    You can continue using the existing security policies (old version) until you migrate to the updated policies.
  2. What will happen to my existing policies? 
    Your existing security policy configurations will be migrated to the new policy framework. To understand how your existing policy setup is mapped to the updated policies, click here.
  3. Who can perform this migration? 
    Only the Organization Owner or Organization Admin can perform the migration.
Regards,
The Zoho Directory Team.

    • Recent Topics

    • Ability to turn off "Would you like this amount to be reflected in the Payment field?" message

      Team, Is there any way to turn off the message" Would you like this amount to be reflected in the Payment field?" when I make a payment? This is so annoying. This happens EVERY TIME I put an amount in the Payment Made field.

    • Unlock agreement intelligence with Zoho Sign's latest AI updates

      Hello! If you've been struggling with long, complex agreements and spending way too much time on them, here's exactly what you'll want to hear: Zoho Sign now integrates with OpenAI's ChatGPT to make agreement management smarter and simpler. Acting like

    • Currency abbreviations

      Hello, Im stuck, and need help. I need the currency fields for example, opportunity value, or total revenue, to be abbreviated, lets say for 1,000 - 1K, 1,000,000 - 1M, and so on, how should I do this?

    • Embed Sign Document

      Has anyone tried embedding a document in a webpage? I'm building a webpage (using PowerPage) and I'm trying to embed it using an iframe then I got this error: Refused to display 'https://sign.zoho.com/' in a frame because it set 'X-Frame-Options' to

    • We’re transitioning from Zoho ShowTime to TrainerCentral

      Hello everyone, Zoho ShowTime was originally built as a training platform to serve training agencies, HR teams, and individual trainers. As the platform grew, we realized that more creators and businesses could benefit from its capabilities. That’s why

    • Emails Are Not Being Delivered to My Inbox

      Hello Zoho Support Team, I am experiencing an issue with my Zoho Mail account. The most important problem is that emails are not being delivered to my inbox. Details: My Zoho Mail address: info@coreforcelife.com What happens: I am not receiving any incoming

    • Radar In Focus: Track customer support metrics using Radar's static reports

      Hello everyone, Welcome back to the Radar In Focus series, where we explore how Radar features can add value to your business. In this episode, we're looking at Radar static reports. The help desk is filled with vast amounts of data that can be analyzed

    • Mail ToDo & Tasks Webhooks

      Our company uses Zoho ToDo inside Mail to manage our tasks. When I create a task and assign it to a team member it does not notify them unless I add a reminder via mail. I'm trying to create a webhook for when a task is created to send a cliq message

    • Improved UI for a Seamless User Experience - Calls, Tasks, and Meetings

      Hello all, We are making UI unification across CRM so that the UI experience is seamless across the product. As part of that effort, we have made changes to the details page of activity-based module records—Meetings, Calls, and Tasks. Let's look at these

    • Where can I find rejected inbound mails and their reason for rejection

      Hi, I was recently made aware by a mailing list which I am subscribed to (ffmpeg-devel@ffmpeg.org) that my Zoho mail Mail account is rejecting some emails. If I look under Admin Panel > Security & Compliance > Quarantine > Incoming, the list there is

    • Refund

      Hi There, Please refund me asap possible, because of no support given. Thank you

    • تغيير عمله الدفع"Change payment currency"

      ما هى طريقه تغيير عمله الدفع "ما هي طريقة تغيير عملة الدفع؟"

    • Attention API Users: Upcoming Support for Renaming System Fields

      Hello all! We are excited to announce an upcoming enhancement in Zoho CRM: support for renaming system-defined fields! Current Behavior Currently, system-defined fields returned by the GET - Fields Metadata API have display_label and field_label properties

    • Zia's ability to generate and improve content extended to Desk mobile app (iOS and Android)

      In support, agents will have to understand customers' pain points completely to provide empathetic personalized solutions and a positive experience. However, at times, agents might find it challenging to comprehend the customer issues and connect with

    • BANK FEED - MAYBANK , provider from YODLEE IS NOT WORKING

      As per topic, the provider YODLEE is not working for the BANK FEED. It have been reported since 2023 Q3, and second report on 2023 Q4. now almost end of 2024 Q1, and coming to 2024 Q2. Malaysia Bank Maybank is NOT working. can anyone check on this issue?

    • Zoho Sign product updates - Q3 2025

      Hello everyone! Q3 was all about AI. Here's the list of features and enhancements that have gone live, along with a list of what we have in pipeline for the last quarter: AI-powered agreement management Sending documents and authenticating recipients

    • Zoho sites header

      Good day, Im stuck with this situation. I choose a template for my website creation. I have tweaked every instance of the visual editor, regarding the header, I have created created customize fonts presets... I have followed every single step. and my

    • Kaizen #152 - Client Script Support for the new Canvas Record Forms

      Hello everyone! Have you ever wanted to trigger actions on click of a canvas button, icon, or text mandatory forms in Create/Edit and Clone Pages? Have you ever wanted to control how elements behave on the new Canvas Record Forms? This can be achieved

    • DNS set up

      I want to create an email with my company domain. When I tried to add new record with cloudflare it didn't work. The DNS record can't be manually added. I followed the instruction but still can't add it. Could you help?

    • Pocket from Mozilla is closing shop. Don’t lose your favorites . Move them to Zoho Mail Bookmarks now! 📥🔖

      The end of Pocket shouldn't mean the end of your important links and content. Easily import them into Zoho Mail's Bookmarks and continue right where you left off. You can bring over your entire Saves, Collections, and tags just the way they are. Bookmarks

    • General suggestions

      Hello, I've picked this forum as it is at the top of the list! :) First suggestion: A general forum for issues and comments that are not specific to a particular Zoho application. Second suggestion: Put a link on the home page to "Zoho Identity Access Manager" The first suggestion came about because I didn't know where to post the second! ;) Regards Mark

    • Can't upload attachments.

      I can't upload attachment in Zoho Mail.

    • Need Guidance on SPF Flattening for Zoho Mail Configuration

      Hi everyone, I'm hoping to get some advice on optimizing my SPF record for a Zoho Mail setup. I use Zoho Mail along with several other Zoho services, and as a result, my current SPF record has grown to include multiple include mechanisms. My Cloudflare

    • How use

      Good morning sir I tried Zoho Mail

    • Zoho Mail Desktop App Not Loading + Can’t Manage Multiple Accounts

      Hi everyone, I’ve been having ongoing issues with the Zoho Mail desktop app for the past few weeks. The app starts to load but gives up midway and never actually opens — there’s no error message, it just stops loading. The main reason I use the desktop

    • Error when sending emails from Zoho

      Hello, When trying to send an email from Zoho CRM I keep getting the below error: javax.mail.AuthenticationFailedException: 535 5.7.139 Authentication unsuccessful, the user credentials were incorrect. Any support on this will be much appreciated. Thanks,

    • Not all emails from outlook365 migrated to my new zoho account

      I recently setup a new email address hosted by zoho. I migrated all my folders and email from my Outlook365 account to my new zoho account, but not all my emails migrated. Looks like only the past 12 months, or so, made the move. How do I get the rest

    • Max numbr of IMAP Accounts in Zoho Mail?

      In Zoho mail, you can manage the inboxes of other accounts using IMAP (and POP, actually) https://www.zoho.com/mail/help/external-imap-accounts.html Is there a max to the number of inboxes we can add?

    • Formula Fields Trouble

      Hi,  I can't get even a simple formula field to work and must be doing something dumb. This formula: If(Len(Trim(${Quotes.Subject}))=0,1,2) Gives the error: You used the wrong type of data in an argument. Check what you entered between the parentheses of your functions to make sure you put the right kind of data in the right place. This formula: Len(Trim(${Quotes.Subject}))=0 Gives the error: Syntax Error. Check the examples for any functions you're using to see if you formatted them correctly. Make

    • OPTED FOR STORAGE BY DESCRIPTIVE MISGUIDANCE

      We've opened a domain with three mail ids and payment has also been processed now the bill raised is for single use ID with additional storage capacity. Kindly request you to modify the purchase.

    • How can I add a new organization on Zoho Campaign

      I want to create a new organization with my Zoho Campaign

    • www.abc.com is working but abc.com is not

      I have my domain in godaddy. I have created a website using zoho sites and now I want to publish it and I tried doing it. Mapped the domain www.abc.com, abc.com. In godaddy changed the CNAME values. A, @ was parked and updated with zoho's IP address.

    • Split my account

      Hello, I recently bought an email service for a friend. But, looks like I used my personal account to buy the plan. Please split the account so that the email service stays in a different account than my personal account.

    • Have Mail Lite, wish to add/purchase 2nd domain and use email

      Hello, I have recently created two new businesses. I have successfully used Zoho to create a domain for one business and have set up two email addresses / users on that domain. I am trying to figure out how to create a second domain, just like I did the

    • Need support in setting up the company email and few other setups

      Need support in setting up the company email and few other setups

    • This mobile number has been marked spam.

      Dear zoho team, I am very happy to use zoho,because it india 🇮🇳 own app, but when we login into zoho account we facing some issue, please solve below issue ASAP. Add your mobile number As an added security measure for Accounts, you need to verify and

    • Add an external email to the allowed list

      I need to allow an external email to raise a ticket on Manage Engine ServiceDesk Plus. The external email is a outside of our domain and is not a domain user. The email address that needs to be allowed to raise a ticket request is noreply@formsatack.com.

    • Display name & account type change

      I made a mistake and subscribed with an individual account instead of business, how can I change the account type and enter the details of the business. The other question, if I can't, then I want the display name of our email to be 'Business name' instead

    • Request to change display name in Zoho mail

      Hello Zoho Mail Support, I am experiencing an issue with changing the display name on my Zoho Mail account. My email address is: info@witchcraftproduction.rs . I have already updated the display name in Settings > Mail Accounts, where it now shows as

    • Outbound IP address SPAM problem.

      Hello Zoho Support, We noticed that one of your outbound IP addresses (136.143.188.12), which delivers our domain’s mail, is currently listed on the UCEProtect blacklist. Because of this, our messages are sometimes flagged as spam by recipient servers.

    • Next Page