Ownership & Roles
Establish ownership for accounts and never leave them orphans
Establish clear-cut ownership for all your passwords. By default, the one who adds a particular password becomes the owner of that password. Unless shared with other users, no one else will be able to access or even see that password except the owner. Thus, access to the sensitive passwords is effectively controlled.
Transfer ownership when someone leaves
In the event of one of the users leaving the organization, you can transfer the secrets owned by that person to some other administrator. The provision for transfer of ownership also comes in handy when one administrator adds all the secrets to Zoho Vault and later allots them to other users based on their job profile.
Acquire secrets when someone leaves on bad terms
When someone leaves your organization on bad terms, transferring ownership of secrets simply does not work. In such situations, super-admin can acquire the 'Enterprise' type secrets owned by that user. This facility can be availed through a simple setting which basically introduces a change to the encryption of secrets. All enterprise secrets will be encrypted using the org key, instead of the user's passphrase.
Assign roles for access controls
Assign roles to your users and establish fine-grained access controls. Zoho Vault comes with three pre-defined roles - Super Admin, Admin and User. The administrator of the organization is designated as 'Super Admin', who will have the exclusive privilege to invite other users to join Zoho Vault and also make any user as 'Admin'. Users designated as 'Admins', other than carrying out all admin operations listed under "Admin" tab, also approve secret sharing requests from users and define password policy for the organization. Those with the role "Users" will not be able to perform the admin operations.
Integrate Active Directory / LDAP
Import users / user groups from Windows Active Directory or LDAP and also leverage the authentication mechanism.