Understand security policy
Security policy is a set of customizable rules that govern how your users can access your applications. As part of an organization, one has to follow a set of rules or procedures for security purposes, as laid down by that organization. You can use Zoho Directory to define additional security policies such as setting the strength of passwords, IP Address restrictions, multi-factor authentication, and web session management.
Zoho Directory allows you to configure multiple security policies and apply them to different groups based on your requirements. These policies help tighten access control for your organization by enforcing certain policies for all users. They are easily customizable, and can be applied to the users you choose.
Add and manage security policies
- Add security policy
- Apply an existing security policy to new groups
- Add or exclude users from a security policy
- Deactivate a security policy
- Delete a security policy
- Reorder policy priority
- Examples
Configure security policy
Examples
- Imagine that you've created an application named Zylker Sales Management to automate your sales process and assigned this app to the members of your organization's marketing and sales teams. To prevent identity theft, you can set up a strong password policy that:
- Mandates these users to maintain complex passwords
- Sets an expiration period for their passwords, and
- While resetting their passwords, limits them from re-using the previously used passwords
- Imagine that you've created an application named Zylker Safety Management to assign and track admin tasks. You (admin) have assigned this application to the members of the system administrators group, who have access to your organization's directory. System administrators will require the maximum security, and should probably only be allowed to sign in from an allowed IP address, along with a complex password policy. Both of these can be configured as part of a security policy in Zoho Directory. Login attempts from all other IP addresses will be denied.