Feature update: Advanced security settings

Feature update: Advanced security settings

We've previously written about how using security policies could be beneficial for admins. To enable you to better protect your organization, we've come up with a few additional settings for security policies in Zoho One that can be used to regulate your users' web sessions.

What are web sessions?

A web session refers to the period of time you stay signed in to your Zoho One account. You create a new web session every time you sign in to Zoho One (or any of its included apps), and this session exists until you sign out.

Why is session management important?

Although defining web sessions is easy, managing them isn't. As end users, we often create new web sessions (and forget them) without even realizing it. Today, everyone has at least two devices and uses at least two browsers (and a few in-app mobile browsers) in each of those devices. On top of this, we often use a friend or relative's device to type out a late-night email or reply to a colleague's message. Every time we sign in to our account on these various browsers, we end up creating concurrent web sessions. However, we rarely sign out of these sessions manually, resulting in unaccounted sessions.
These unaccounted sessions could expose your organization's data to insecure devices or software, and consequently to malicious parties.

How to use session management to mitigate these threats?

As an admin, you can now enforce a secure session management policy for your entire organization using these three settings:
  • Session lifetime
  • Idle session timeout
  • Concurrent sessions

Regulating session lifetime

Session lifetime refers to the maximum period of time a user can stay signed in on a browser or device before being forcefully signed out of it. If your session lifetime is set as 30 days, you'll be signed out 30 days after signing in to your account, even if it is on a browser or device that you use everyday.

Setting up idle session timeout

Idle session timeout refers to the maximum period of time users can sign in and stay inactive on a browser or device before being forcibly signed out of it. For example, assume your idle session timeout is set as three hours. If you spend more than three hours away from Zoho One, you'll be automatically signed out.

Limiting concurrent sessions

Concurrent sessions refer to multiple sessions present in different browsers or devices at the same time. For example, you might be signed in to your account on your laptop as well as your mobile at the same time. Or you might be signed in on two different browsers in your laptop at the same time. Limiting the number of concurrent sessions you're allowed to have will protect you from creating too many unaccounted sessions. Once you reach the maximum number of sessions, you'll be forced to clear your older sessions, thereby signing you out of all other sign-ins.

Besides enforcing these settings through security policies, you can also use the Account Activity subtab in a user's information screen to monitor and manage an individual user's active sessions.
To learn more about configuring session management, go through our Knowledge Base article on it.

We hope this was useful. Have any thoughts or questions about the new feature? Drop a comment, and we'll discuss.


    • Sticky Posts

    • Connect with Zoho users from your industry, virtually!

      A couple of years ago, we started setting up industry-wise channels for users with similar businesses to chat and discuss Zoho contextually. We started with Real Estate and E-commerce sectors, creating a chatroom and hosting regular meetups on niche areas

    • Feature update: Advanced security settings

      We've previously written about how using security policies could be beneficial for admins. To enable you to better protect your organization, we've come up with a few additional settings for security policies in Zoho One that can be used to regulate your users' web sessions. What are web sessions? A web session refers to the period of time you stay signed in to your Zoho One account. You create a new web session every time you sign in to Zoho One (or any of its included apps), and this session exists

    • Recent Topics

    • Would like to create a bounce-back for incoming emails

      Hi all, I have a catch-all address, now from this I would like Zohomail to bounce back specific email addresses to the sender. Would like the server to send back an email from zoho servers stating that the intended addresse is no longer valid. while retaining

    • Cambiar nombre de usuario

      Hola. Tengo una cuenta en zoho, por ejemplo Minombre @ midominio.es Y quiero cambiarlo a Miotronombre @ midominio.es Se puede cambiar??? Con la cuenta gratuita de zoho, cuantos nombres puedo tener en un dominio??? Gracias y buen dia

    • Update multi-select lookup via API? Or allow for import of multi-select Lookups?

      When will the ability to update a multi-select lookup via API be available? Also when will we be able to import a record with multi-select lookups? I understand a linking module can help with this, but linking modules in our scenario would only be used

    • Undelivered Mail Returned to Sender

      Hello I set up Zoho with the the correct MX and TXT records and outgoing mails are workingfine, where as all incoming mail is getting blocked with the error message 550 What is the way to fix this? I am at a point where I don't know that to do. Would

    • Circuite fail because www.zohoapis.com:443 refuse conection

      Is anyone else experiencing this issue? A few weeks ago, I started having issues with circuits failing due to www.zohoapis.com:443 refusing the connection. The error message is quite clear and points to a problem on Zoho's API server, rather than with

    • Error in connecting to WorkDrive

      I'm trying to write a script to look in a specific WorkDrive folder and if there is a csv or xslx file, copy it to a different folder with a modified filename. That gave me the error: {"errors":[{"id":"F6016","title":"URL Rule is not configured"}]} So

    • Help with Zoho Books Deluge code error

      I have this deluge code im writing for Zoho Books button, it throws an error: Check and update the code in line 12 as there is a Exception : Error at line :14 Improper Statement Error might be due to missing ';' at end of the line or incomplete expression

    • Add additional field to quick search results

      IN the advanced search, we can add any field to the columns. In the regular search results (before you press enter, there is no option to modify the results. It would be super useful to include a custom field where it currently displays the pipleine

    • Problem - cant add Users (i.e. Zoho one / CRM Users) to BCC or CC in email, i.e. Sales orders or Retainers

      I can go to zoho books email templates, and select any email template, and automatically include any Zoho One user, i.e. member of staff. However in the context of sending an email, it will not let us add a member of staff from the user list, instead

    • Is there a way to show contact emails in the Account?

      I know I can see the emails I have sent and received on a Contact detail view, but I want to be able to see all the emails that have been sent and received between all an Accounts Contacts on the Account Detail view. That way when I see the Account detail

    • Referring to Zoho user groups in Deluge?

      Hello, I am wondering whether it is possible to refer to Zoho user groups (with whom the application is shared) in Deluge. I currently restrict records to be viewable only if the login user created the record, but I would also like to make all records viewable if the login user belongs to group X. Thank you.

    • Zoho Books CREDIT LIMIT is completely USELESS due to a BUG!!! Please fix it ASAP!!

      Credit Limit should not be taken into account if payment terms on the Invoice are without credit. If selected Credit 0 days (Prepayment) why in this world would a notification pop up saying credit limit is exceeded and not allowing to create an invoice?

    • Mail Merge - unable to send more than 50 email

      Hi, I've subscribed to the pay email service because of the Mail Merge feature. However, I've found that this feature only allow to send up to 50 emails. I've to attach a screenshot for your reference. This limitation is not mentioned anywhere in service.

    • Auto-sync field of lookup value

      This feature has been requested many times in the discussion Field of Lookup Announcement and this post aims to track it separately. At the moment the value of a 'field of lookup' is a snapshot but once the parent lookup field is updated the values diverge.

    • Records not showing immediately.

      Hi, I keep coming across a problem when records are inserted, updated or deleted via deluge, the changes / new records or deletions aren't visible in the form's report. (Even after refreshing and clearing browser cache). I am experiencing this issue in both Google Chrome and Firefox. The records will eventually show up, but the delay can vary wildly. Below screenshot shows the report still showing a record which has been deleted via deluge.  When clicking "edit" on the record, Zoho displays a single

    • Email signature duplicate

      Hi, For a few weeks, opening the email writer would show an error. After clicking ok, the signature would change slighty (font size, I believe). After that it worked fine, so we thought nothing of it. However, now it no longer shows the error puts the

    • I can't auto-scheduling calls down - the code does not change anything

      Hi, I was trying to set a function that auto-schedules calls based on their call result; i.e "Requested more info". I had also included a reminder to send an email in the code. I logged a test call and nothing changed. Is there anything wrong with the

    • customers enter orders?

      Anyway we can let a customer into CRM and enter their own orders , no access to anything else except history reports, no access to any other contacts. Greg Aanes 2109 Queen Street Bellingha WA USA

    • Can I associate a lead with an account?

      Hello, Can I associate a lead with an account?  The only way I can do this at the moment is if I convert them from a lead.  But we have a situation where we have multiple leads for one customer so I will need to see both leads when I am viewing this customer. Thanks. Jason

    • 404 error for sites

      I'm getting a 404 error for all the sites that I created...they were working just 4-5 hours ago....

    • Default view to Gantt

      Greetings How does one set the default view to Gantt?

    • How to add two columns in Zoho forms

      I would like to have two columns in Zoho forms. How can i enable two columns?

    • Condition in templates

      Is it possible for me to add merge field conditionally in my templates. For example Dear ${Leads.Gender == "Male" ? "Sir" : "Ma"},

    • Group Sales Inbox with subfolders

      I am looking for the most effective way to create a group inbox.  I am exploring Zoho coming from a CRM where we have a group sales inbox, which is divided into 3 subfolders depending on which language the sender is sending the mail to.  We have an English, Spanish and French email address where,each message is going to one of the subfolders in the main sales inbox. I have only been using the Zoho system for a few days and am trying to set it up the most appropriately and would like to know how this

    • Zoho Support / Microsoft Outlook integration

      Is there integration between Microsoft Outlook and Zoho Support?  If so, can you point me to the related documentation?  I'm trying to understand how that would work.

    • Why cant I add users to my Portal, Workspace or Base?

      When trying to add users a view within my base, the users arent appearing. They are part of my organisation user list and should be available for selection when sharing a view within a base, but they arent popping up to select. What could the issue

    • Zoho Desk Invite

      I'm trying to send an invite via Zoho Desk to the email nwc.hd@telecare.com.sa using my account in Zoho desk rmsh7777.rs@gmail.com but the invitation or email is no received. I need your kindness to activate the account, please.

    • How can I make a part of a form be divided into two columns?

      Hi, i have a form, and i want to have 2 columns in the form but not completely, so, the first part of the form have 1 column but in the bottom of the form, i want 2 columns, how can i do? Thank you.

    • Get a realistic picture of your revenue with Forecast Adjustments in Zoho CRM

      #crm25q1 Dear Customers, We hope you're doing well! Today, we're here with an important enhancement for business decision makers: forecast adjustments. Let's get straight to it! With technology on the rise and CX at its core, businesses are constantly

    • Filter timesheet by log title

      Hello, is there a way to filter timesheets by log title (or to group by log title). Thank you

    • We are being told that emails sent to us bounce back on first attempt, then go through upon the second attempt. How do we fix this?

      As the title suggests, when interacting with another business today (one that is also using their own domain emails) we were told that each time they sent an email to us, it would bounce back upon the first attempt, only to go through successfully upon

    • MA 2.0 Email Footer

      Good day, I recently went through the nightmare of upgrading from MA 1.0 to MA 2.0 and continue to experience more problems or missing features and settings. In this particular case, I am trying to find where and how to edit the Email Footer in MA 2.0.

    • Show both Vendor and Customers in contact statement

      Dear Sir, some companies like us working with companies as Vendor and Customers too !!! it mean we send invoice and also receive bill from them , so we need our all amount in one place , but in contact statement , is separate it as Vendor and Customer, 

    • Workflow Based on Manual Journal

      Manual journal entries are one of the few areas that cannot kick off a workflow automation in Zoho Books currently. I would propose considering adding that. My use case is that the payroll provider I use (a flavor of SurePayroll) has a Zoho Books automation

    • Assistance needed in transition if firm is converting into company

      Hello! Our sole proprietor firm is converting into private limited company. I would like to know what needed to be done in zoho books for such case. what are steps that needed to be perform for transition process in our zoho books organization profi

    • Partner with HDFC And Sbi Bank.

      Hdfc and sbi both are very popular bank if zoho books become partner with this banks then many of the zoho books users will benefit premium features of partnered banks.

    • Zoho Creator Upcoming Updates - March 2025

      Hello everyone, We hope you’ve had the chance to explore Release Projection 1 for 2025! This month, we’re keeping up the momentum by bringing even more powerful features and enhancements to Zoho Creator. Here's what you can expect in March: App menu builder

    • Permission Update Failed

      Dear Sir, I have downgraded from the trial paid plan to Free Plan. I am logged in as CEO - Administrator and trying to change the profile permission but getting error - Permission Update Failed. Please see the screenshot. In most of the pages I am getting

    • Calculating Project Margins and Revenue per Hour in Zoho Analytics Using Data from Zoho Projects and Zoho Expense

      Hello, I would like to know if it's possible to use Zoho Analytics to calculate taxes and margins for the projects available in Zoho Projects, while also including the expenses recorded in Zoho Expense. I’m looking to build a dashboard that calculates

    • How to install Widget in inventory module

      Hi, I am trying to install a app into Sales Order Module related list, however there is no button allow me to do that. May I ask how to install widget to inventory module related list?

    • Next Page