Every business guards a treasure: its data. Now, imagine it as the crown jewel in a heist movie, with hackers in hoodies, rogue insiders, and disgruntled ex-employees in the shadows, all circling around it.
Until yesterday.
Zoho One just released new security features that stop them before they can skip through the first laser.
So, if you're a business owner or an IT admin who:
□ is looking to decode the case of who did what and how
□ is in constant paranoia, always on the lookout for a potential threat
□ is striving to filter out unverified logins in your systems and network
□ is trying to make security compliance flexible across teams without compromising safety
read on to win control, freedom, and well, good sleep. : )
BYOK: Bring Your Own Key
Cloud solutions require trust. You hand over your data, hoping it will stay secure, but hope should not be cutting it. Businesses need to hold the master key to control.
With BYOK in Zoho, you can bring your own encryption key to encrypt your business data, meaning even Zoho can't peek into your data without permission.
Should you choose to share access to your Key Encryption Keys [KEK], it can either encrypt or decrypt the DEK that Zoho provides, ensuring you have full control over your data.
How?: Just add a key from an External Key Manager (EKM) such as AWS KMS and Google KMS or upload an encrypted key manually by adding unique certificates via Zoho Directory.
Check out our step-by-step guide.
Audit logs: The breadcrumb trail
Audit logs are a digital detective's true companion. When there's chaos brewing in the team due to things like incorrect changes made in configurations or settings, it's impossible to find out the root cause if the first action through the last is not recorded.
With Audit Logs, every action performed in the Zoho One ecosystem gets recorded. Following the breadcrumb trail all the way from a click, login, and edit to a permission change helps teams understand what happened and prevent future errors.
They not only provide clarity but also enforce accountability. So next time someone asks who changed the record, you'll know it down to the exact timestamp.
Quick check: Can you remember the last time someone changed something in your system and no one seemed to know who or how? Imagine solving that mystery in an instant!
Anomaly Watch: Beyond basic vigilance
How cool would it be to predict a future problem and stop it from happening? That's easily a top 2 sought-after super power, right?
Not all security threats are obvious. Some lurk beyond the shadows and attack when least expected. A login attempt from a different location by a known user account may not be instantly suspicious, but Anomaly Watch monitors and studies your business's usual activity patterns, flags down such incidents as abnormal activities, and alerts the admins.
From sign-ins from different time zones, IPs, OSs, and locations, failed login attempts to MFA reset attempts and more, Anomaly Watch proactively spots and prevents breaches before they turn into big security threats.
Quick check: How often have you discovered something that was suspicious only after it's already caused damage?
Learn more about security posture in this article.
Conditional Access: Your smart doorman
Imagine every single door in your office lets in every employee, regardless of their department, role, time of entry etc? Bit of a gamble, don't you think? Not everyone should get access to every room unless they have an authorised entry.
The same way, Conditional Access ensures not everyone gets a hall pass to stroll into your system. It prevents unauthorized access like a bouncer at the party clubs, checking your credentials before giving you the head nod.
With Conditional Access, admins can set rules or access policies to define which user roles can log in, from where, when, with which device(s) and IPs, and under what conditions.
If a login attempt doesn't meet the set criteria, Zoho One will deny entry to that account or allow entry after another layer of security, like an MFA. It, essentially, acts as a gatekeeper that provides layered security. You set the rules, and we enforce them.
Customizable Identity Providers [IDPs] - Log in your way
Customizable IDPs simply mean flexibility.
Every business operates differently and has specific login preferences that align with their workflow. With Zoho One's customizable IDPs, you can choose or combine authentication methods for your teams.
It's like choosing to open a door with a fingerprint, access code, or face scan. Based on your organization's hierarchical structure and requirements, your admins can configure group-based Single Sign-On (SSO) rather than mandatory SSO for all users, customize default login sequences (Zoho Password, password-less, OTP, and social logins) or even exclude specific users or groups from SSO logins. This way, everyone gets to log in comfortably without compromising safety.
Learn more about our security here.
RADIUS (Wi-Fi authentication)
Businesses rarely think of Wi-Fi as a data security risk, but it's often one of the weakest links. A public Wi-Fi is a field day for hackers. Open or unprotected networks can expose your internal systems to anyone.
Zoho One's RADIUS (Remote Authentication Dial-In User Service) based Wi-Fi authentication strengthens endpoint security by enforcing user-specific Wi-Fi authentication. It ensures that only verified users from your organization can connect to the network using their account passwords, further enabling SSO for accessing the Wi-Fi through Zoho Directory.
Quick test: Expected Honesty Level: 100
◻ Are you still using DEKs?
◻ Have you ever wasted two days figuring out who deleted a record?
◻ Have you had a breached login from across the world at 3 AM?
If you checked even one box, go to your admin console right away.
Conclusion
Hackers don't wait, and neither should you. Seal your vault with these new security features. They're live in your Zoho One account at no extra cost!
Comments