Guaranteed data security

Data is any business's biggest asset. Losing it can cripple an organization. That's why at Zoho WorkDrive, we give security and privacy the utmost importance. Zoho WorkDrive meets industry-specific compliance standards such as SOC 2 Type II and ISO 27001, and also complies with the EU-U.S. Privacy Shield Framework. We use a defense-in-depth approach to provide security at the physical, logical, and data levels.

Data level security

Zoho's data centers are hosted in secured locations and monitored with night vision cameras, 24*7 throughout the year. Zoho WorkDrive's servers and clients are connected through SSL and secured with an RSA-based 2048-bit encryption key.

Disaster recovery

Our servers are well protected from all kinds of physical damage. Zoho servers run on distributed grid architecture. In case of server damage, a copy of your files will be safely backed up in an alternate server and available without any noticeable delay.

Intrusion protection

All files are first checked for viruses before being uploaded and stored in Zoho servers. Our screening uses powerful Intrusion Detection and Intrusion Prevention systems (IDS/IPS) and our systems are secured from DDoS attacks.

Two-factor authentication

Protect your Zoho WorkDrive account with Two-Factor Authentication (TFA). Security means more than just a password. To ensure strong protection, you'll also get a unique code generated every time you log into an account.

Encryption in transit and at rest

With Zoho WorkDrive, your data is always safe. Files in Zoho WorkDrive are encrypted at rest with 256-bit Advance Encryption Standard (AES). During transit, Perfect Forward Secrecy (PFS) generates a unique key for each session to encrypt files.

Team-level security

Security threats don't always come from outside. You need to watch out for internal data theft too. Instead of manually monitoring your team members and their activities, save time and energy by setting permissions based on their roles. 

Admin-level controls

Choose where your files can be shared. As an admin, you can decide whether to allow your users to share files only internally, or outside your team as well. Avoid the clutter by only allowing team admins to create public groups.

Transfer file ownership

What's created in an organization should stay in the organization. Don't let ex-employees leave with the important files they created and worked on. Transfer ownership of files from one user to another to keep them in the right hands.

Share links that expire

Make your data available only for as long as you want to. Set expiration dates for your quarter-end reports, research findings, or other vital documents while sharing them externally. After the expiration date, your external partners won't be able to view your data.

Role-based permissions

Give users only as much access as they need. Use roles like viewer or commenter when you want to involve your stakeholders but don't want them to make changes to your files. Set roles like collaborator or moderator when you'd like people to contribute to your work.