What is IP-based restriction?
IP-based restriction is a security feature that allows administrators to restrict access to Zoho Assist based on specified IP addresses or IP ranges. This implies that only users connecting from trustworthy, permitted IP's can initiate the remote support sessions. It adds an extra layer of security to prevent unauthorized users or malicious actors from gaining access to your remote support system.
Key benefits of IP-based restriction
Enhanced security:
Ensure that only authorized users from trusted networks can access Zoho Assist. This significantly lowers the chances of illegal access, data breaches, or potential cyber threats.
Compliance with company policies:
Many organizations implement network security policies that restrict the use of external applications. IP-based restrictions in Zoho Assist align with these protocols to help ensure that only authorized staff and devices from your organization’s trusted network can access it.
Granular control:
Set specific IP ranges or addresses to limit which users can conduct the remote access sessions. This is particularly beneficial for managing geographically scattered teams or contractors.
Reduced risk of cyberattacks:
By limiting access to trusted networks, IP-based restriction prevents unauthorized users, whether external or internal, from hijacking support sessions or exploiting vulnerabilities.
Other privacy features in Zoho Assist
Zoho Assist takes data privacy and security seriously, offering several key features designed to protect user information during remote support and unattended access sessions:
Data encryption and security protocols:
To safeguard all remote connections, Zoho Assist uses TLS 1.2/1.3 protocols and 256-bit AES encryption, guaranteeing that all data shared during support is protected against unauthorized access.
Role-based access control:
This feature allows administrators to assign specific roles and permissions to users, ensuring that only those with the proper authorization can access sensitive information and vital system operations.
Consent-based access:
Customers are always in control of the session. In order to make sure that access to client systems is properly allowed, technicians must ask permission before accessing or performing certain actions.
Multi-factor authentication (MFA):
MFA offers an extra degree of protection by, requiring technicians to verify their identity through additional authentication methods such as SMS or OTP before initiating a session.
Action log viewer and session recording:
All remote support actions are logged, and sessions can be recorded. This helps maintain transparency and provides an audit trail for security purposes.
Idle session timeout:
If a session is inactive for a pre-configured amount of time, it will terminate automatically to mitigate the risk of unauthorized access during idle times.
Use cases for IP-based restriction
Organizations with a distributed workforce:
Limit access to support sessions from only your corporate network or approved home office IP addresses.
Financial institutions:
Banks and financial services firms can safeguard customer data by restricting access to employees or partners who are connecting from approved networks.
Remote teams:
Businesses working with contractors or remote employees can allow access only from secure, predefined locations to ensure sensitive systems aren't accessed from public or unsecured networks.
Industries with high-security requirements:
Industries like finance, healthcare, and government sectors can benefit from enhanced security by controlling remote access based on location.