Secure Connect in Zoho Assist: Enforcing a fortified verification layer beyond credential-based access

Unattended access is one of the most powerful features in any remote support toolkit. It lets technicians connect to devices without an end user present, which is a huge time-saver for routine maintenance, monitoring, and after-hours support. But that same convenience raises a real security question: credentials can be shared, borrowed, or compromised. 
Secure Connect in Zoho Assist adds a second layer of verification on top of existing access controls. Even when credentials check out, every technician must pass an additional authentication step before connecting to an unattended device.

Key capabilities

MFA-gated unattended access

When Secure Connect is enabled, technicians are prompted to complete MFA before connecting to any unattended device configured in the organization. The authentication requirement applies across the board and there is no way to bypass it for a quick check.

Reauthentication timeout

Requiring full MFA for every single reconnect would slow technicians down during active maintenance windows. Secure Connect solves this with a configurable reauthentication timeout. Within the set time window, a technician can reconnect to the same device without completing authentication again. Once that window expires, or when the technician switches to a different device, authentication is required again.

Device exclusions

Not every device in your organization carries the same sensitivity. Secure Connect lets you exclude specific unattended devices from the authentication requirement when needed. Excluded devices are listed clearly in settings, and you can remove exclusions at any time.

What this means for IT and security teams

For IT admins and security-conscious organizations, Secure Connect closes a meaningful gap. Unattended access sessions happen outside business hours, without an end user watching, and often without a recorded request. In that context, credentials alone are a thin line of defense. Adding MFA as a mandatory gate means every session has a verified user behind it, not just an authenticated account.

How to enable Secure Connect in two simple steps

Secure Connect settings are only accessible to Super Admins. Before enabling it, MFA must be configured in your Zoho account.

Step 1: Navigate to Unattended Access > Settings > Secure Connect.

Step 2: If MFA is already configured, enable the "Authenticate before connecting to unattended devices" checkbox. If not, click Setup MFA, complete the configuration, then return and enable the option.

• To set a reauthentication timeout, specify your preferred time period within the Secure Connect settings.

• To exclude specific devices, click Add an Exclusion, select the devices, and confirm. Excluded devices appear under the Excluded Devices section and can be removed anytime using the delete icon.

Getting started

If your organization uses unattended access at any scale, Secure Connect is worth enabling. The setup takes a few minutes, the impact on technician workflow is minimal, and the security benefit is immediate.

Enable Secure Connect now and add the verification layer to keep your unattended sessions protected.