Best practices
As your digital signature solution, Zoho Sign holds confidential data like organization details, important documents, recipient information, and more that is integral to your day-to-day operations and business continuity.
At Zoho, we follow industry-standard best practices to comply with various industry regulations across the globe. However, we also recommend our users and third-party signers follow the below list of best practices to ensure data security and privacy:
- Use a strong and unique password for your Zoho account.
- Enable multi-factor authentication and save the back-up codes in a secure location for an additional level of security.
- Zoho Sign URLs always start with 'https://' and contain 'sign.zoho.com' for the US datacenter (DC), 'sign.zoho.eu' for the European Union (DC), 'sign.zoho.in' for the India DC, 'sign.zoho.com.au' for the Australia DC, and 'sign.zoho.jp' for the Japan DC. Please exercise caution and don't click links to domains you do not recognize or have not seen before. Always hover over links you're clicking and ensure that you're indeed being directed to the same URL endpoint.
- The emails from Zoho Sign containing a digital signature request are highly confidential and contain a secure link to access the respective document(s) for signing/viewing/approval. These are solely for the use of their intended recipients and we encourage you not to share or forward these emails to others as that poses a security risk leading to unauthorized access. In the case of a signer wanting to assign a document to somebody else, they can visit the document from the link and use the 'Assign to someone else' option to securely re-assign the document using the controls established within Zoho Sign.
- If you're a Zoho Sign user, we recommend you access and sign documents you receive directly from the Zoho Sign application on your device or by visiting www.zoho.com/sign and logging in.
- Do not open unknown or suspicious attachments—or click such links—in the emails you receive.
- Do not fall prey to emails that claim urgency and/or demand immediate attention. Watch out for mistakes in spelling, grammar, and language in general.
- Keep your anti-virus software and other business software updated with the latest security patches and fixes.
- In case you are unable to resolve the authenticity of an email, please contact the purported sender offline to verify the email’s authenticity.
- Report suspicious Zoho Sign emails to your internal IT/security administrator. We also strongly urge you to forward them immediately to abuse@zohocorp.com for us to analyze and promptly initiate appropriate counter measures.
- Visit the Zoho Accounts console periodically to check active sessions and terminate any session you no longer need or that appears suspicious to you.
- Monitor and manage your Zoho Sign documents periodically and download a copy or save them to cloud to avoid any data loss as a result of accidental deletion caused by other users in your organization.
- Perform periodic role reviews and disable/remove any inactive users from your Zoho Sign account. Administrators of your Zoho Sign organization have access to all your documents and account settings. Ensure only the appropriate individuals are assigned the role of administrator.
Note: This is not an exhaustive list. Feel free to follow best practices advised by your organization and industry experts apart from these tips. We will also keep this page updated periodically.
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Zoho DataPrep Resources
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
Webhooks best practices
As a technical user, you use webhooks to set up or integrate applications and get real-time updates whenever an event or action occurs. The admin of a Zoho Sign account can configure a webhook and choose the events that will trigger it. The callbacks ...EU GMP Annex 11 in Zoho Sign
Available in Enterprise edition and will be enabled in your account on request. European Union (EU) Annex 11 is part of the EudraLex Volume 4 of Good Manufacturing Practice, establishes the criteria for life science industries such as pharmaceutical ...Security and Legal
Can I use Zoho Sign to collect sensitive personal data such as credit card information? We strongly discourage the use of Zoho Sign or its associated features to collect sensitive personal data such as credit card information, PIN, and social ...Qualified Electronic Signatures via Swisscom for Switzerland
This integration is available across all paid plans in the EU datacenter. With Zoho Sign's integration with Swisscom, a leading qualified trust service provider (QTSP) for Switzerland, you can digitally sign documents with qualified electronic ...Qualified Electronic Signatures via InfoCert for EU
Available only in Enterprise Edition InfoCert is a Qualified Trust Service Provider (QTSP), and is also one of the trusted identity verification services in the European Union. InfoCert allows signers to sign documents through Qualified Electronic ...
New to Zoho LandingPage?
Zoho LandingPage Resources