Fine tune access controls

In a business enterprise, administrators are often required to allow/ restrict certain features organization wide and selectively exempt users when needed. Consider, you need to restrict a group of users from storing their personal secrets in the Vault. In this case, Zoho Vault provides you with fine-grained access controls to tweak the access control for user(s). Administrators / super admins have privileges to access and modify these controls any time. You can access these controls by selecting 'Fine-Grained Controls' under the 'Admin' tab. The features provided here are -

  • Restrict users from storing personal secrets:
    With this option enabled, all users in the organization including the administrator/ super-admin will not be allowed to store personal passwords. This feature comes in handy when you want to control users from storing their personal information in your business network.
  • Restrict users from exporting secrets:
    Enterprises often incorporate policies that prevent employees from downloading company specific information. Enabling this option will restrict all users in the organization (including the administrator/ super-admin) from exporting secrets.
  • Restrict offline access to secrets:
    Zoho Vault provides a feature to export passwords as encrypted HTML for offline access. Enable this option to prevent users in the organization (including the administrator/super-admin) from exporting secrets for offline access.
  • Restrict access to secrets through mobile apps:
    Enterprises often wish to selectively restrict users from accessing company secrets outside the network. Selecting this option restricts all users in the organization (including the admin/super-admin) to access secrets through mobile apps.

Exempt specific users from restrictions:

Zoho Vault has a provision to exempt certain users from the above mentioned access restrictions. Only the super-admin/administrator has the permission to add exemptions. To add exemptions -

  1. Click 'Exempt specific users/ Modify exemption' under the required option in the 'Fine-Grained Controls' page.
  2. From the list of users on the left, select the users who are to be exempted and add them to the right by clicking on the right arrow button. If the list of users is long, you can find specific users using the search function.
  3. Click 'Save'.

The list of exempted users can be modified any time. Just click 'Exempt specific users/ Modify exemption' and make the required adjustments. All information modified here is captured in audit trails making the whole process traceable to its roots.

Fine tune access controls