Security and Compliance Dashboard

Security and Compliance Dashboard

Overview

The security and compliance dashboard in the Zoho Mail Admin console provides an overview of all the recommended security configurations. It displays the overall security and compliance score along with the completion status for each action.

Security and Compliance Score

The security and compliance score assesses your progress in completing the recommended actions to improve your organisation's security. The highest score indicates that your organisation is highly secure against all types of spoofing, account breaches and any data leaks, while the lowest score indicates that your organisation is vulnerable to a security breach. It is recommended to complete all the mentioned actions to keep your data secure.

The security threats that we protect you from include:

  • Spoofing - An email is considered to be spoofed when spammers forge an email address of an organization/ person. 
  • Malware -  Malware is any file or program that is intentionally designed to harm your computer/ network/ server. 
  • Account Breach - Account breach is a security violation that exposes any confidential or sensitive information by an outsider.
  • Data Exfiltration -  Data exfiltration is an unauthorised removal or movement of data from a device.
  • Data Leak -  Data leak is accidental exposure of sensitive data onto the internet.

Certain security actions will be configured automatically such as MX records, SPF verification, and so on. Click Incomplete to quickly view the list of pending security actions.

Recommended Security Configurations

Security ParametersDescription
DKIM VerificationDKIM is an email authentication method that uses encryption to validate if an email is generated from systems authorized by the domain administrator. Emails are detected as spam in case of DKIM Failure. Learn more
DMARC VerificationDMARC is an email authentication protocol, which builds on the widely deployed SPF and DKIM protocols. In case of authentication failure, the DMARC policy is set to quarantine. Learn more
DMARC Policy DMARC is an email authentication protocol. It builds on the widely deployed SPF and DKIM protocols. Additionally, it includes a reporting function that allows senders and receivers to monitor and protect their domain from fraudulent email. Learn more
DNSBL VerificationDNSBL is a consolidated blocked list based on user spam marking, abuse patterns, and certain third-party blocklists. Emails are detected as spam if the sending domain/ email address or IP address is present on the blocked list. Learn more
SPF VerificationSender Policy Framework, commonly known as SPF, is a text record associated with the domain to identify the servers permitted to send emails using the particular domain name. Emails are detected as spam in the case of SPF Failure and SPF Soft Failure. Learn more
Suspicious Login AlertsSuspicious Login Alerts, if enabled send an email alerting users of any unusual logins into their email accounts. Learn more
Organization-wide TFATwo-factor authentication is an additional security process to secure organization accounts with the combination of a password and a mobile device. You can choose to enable or disable TFA for your organization. Learn more
MX Record Configuration MX records are special DNS Server records that designate recipient email servers for your domain. Configuring MX records for your domain ensures that all emails addressed to your domain are sent to the Zoho servers. Learn more
SPF Record ConfigurationSPF is an authentication mechanism that helps in identifying the IP addresses permitted to send emails using the domain name. Learn more
DKIM ConfigurationDKIM is an email validation system that uses encryption to validate if an email has been sent from authorized servers configured by the administrator of the domain. Learn more
S/MIME ConfigurationSecure/Multipurpose Internet Mail Extensions (S/MIME) provides high-level security to your organization's emails. This encrypts the content of the email using keys, and curbs any misuse. It ensures that only authorized personnel can access your data. Learn more
No Trusted SendersEmails from email addresses that are added to the Trusted Emails List get delivered to the mailbox without any spam check. These emails will not be validated for SPF/ DKIM/ blocklist checks. Please be doubly cautious before you add any email address to this list, as it may expose the organization to spam/ phishing attacks using this email address. Learn more
No Trusted DomainsEmails from domains that are added to the Trusted Domains List get delivered to the mailbox without any spam check. These emails will not be validated for SPF/ DKIM/ blocklist checks. Please be doubly cautious before you add any domain to this list, as it may expose the organization to spam/ phishing attacks using this domain. Learn more
Cousin Domain VerificationCousin domains or look-alike domains are spoofed domains with their names similar to valid domains. If you expect a domain to send genuine emails, but want to mark an email from any other variations of the domain name as spam, you can add it in this section. Learn more
Display Name VerificationYou can set up a display name and associate one or more email addresses with this display name. The emails that arrive with other display names, other than the ones added here will be considered fraudulent or spoofed emails. Learn more
Internationalised Spam SettingsYou can allow or reject emails based on the language used in the email. If you allow certain languages, emails sent in those languages will be allowed and all the other emails will be moved to spam. Similarly, if you block certain languages, emails sent in those languages will be moved to spam and other emails will be allowed. Learn more
Group Privilege SettingsYou can choose who can have access to create organization and personal groups under group privileges settings. By default, the super admin will have all the privileges in the organization. Learn more

 

After you complete the security settings, click the tooltip next to each security Action to view the current configuration. You can modify the settings based on your organization's requirement.

Note:

This security feature will be available only for organizations that are using one of our paid plans.

 

 

Share this post : FacebookTwitter

Still can't find what you're looking for?

Write to us: support@zohomail.com