The News: Zoho introduces a number of capabilities to simplify and strengthen security for its enterprise customers. Additional detail is available in Zoho’s press release.
Advancing the Zoho Enterprise Security Stack
Analyst Take: Today, a hybrid mishmash of working from home and other remote locations as well as more traditional office settings has become the norm for most businesses. This greatly expands the traditional attack surface, as traditional office security measures may not extend to employees’ personal devices or unsecured home networks, creating potential entry points for hackers. Additionally, managing access controls becomes more complex as employees shift locations, potentially increasing the risk of unauthorized access to sensitive data. At the same time, cybersecurity has become a board-level priority. The Futurum Group’s Cybersecurity Decision Maker IQ data indicates that more than half of organizations consider the CIO to be the most influential purchase decision-maker in their organization for cybersecurity technology, and well over one-third considers the CISO.
Against this backdrop, the challenge for organizations becomes facilitating this user productivity, while also optimizing security measures to protect against the modern threat landscape. For its part, Zoho has been investing for years in the development of the Zoho Enterprise Security Stack, to optimize the security of its cloud-hosted enterprise apps, which include CRM, accounting, human resources management, project management, inventory management, and email and communication.
The company’s objective is to simplify enterprise security by offering a platform that is inter-connected – that is, the Zoho apps themselves are integrated, and customers can connect with other tools such as Microsoft Active Directory or SIEM platforms that are used for important functions such as controlling user access to data and network resources, threat detection, and incident response. Specifically, the core components of the Zoho Enterprise Security Stack are:
- Zoho Vault for password management
- Zoho OneAuth for multi-factor authentication (MFA)
- Zoho Directory for workforce identity and access management (IAM)
- Zoho Ulaa, a secure browser.
Zoho is announcing a number of additions and enhancements to its security stack that are geared primarily toward protecting user identities, preventing phishing and other social engineering attacks and improving the ability to detect attacks. Specifically, it has announced:
The ability to have one centralized credential for access to all Zoho applications, with conditional access for adaptive protection as users’ requirements and the threat landscape evolves. For example, a user can be automatically locked out based on failed login attempts. A key differentiator is that Zoho supports both device- and network-based authentication, for a comprehensive approach.
The ability to use a passkey to autofill passwords and MFA credentials that are stored in Zoho Vault, as a result supporting users’ productivity.
AI-supported behavioral threat analytics, which can support phishing prevention and crypto mining protection. It is material to note that Zoho’s AI capabilities are home-grown; they are not based on an open-source model such as Google Gemini or OpenAI.
The Futurum Group views the announcement as another example of Zoho’s now long-standing focus on investing R&D in security capabilities that are into its products, as well as those that are used from a customer perspective – as opposed to bolt-on, acquired technologies that may have trouble integrating. What’s more, these capabilities are addressing the fact that attackers are increasingly targeting user identities and credentials – that is, logging in versus hacking in – which is a particular threat as users work across a variety of applications, devices, and even networks.
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Other Insights from The Futurum Group:
Zoho CEO Sridhar Vembu on the Long Game, Transnational Localism, and the Future of AI
Zoho Strategy Melds Social Responsibility, Value, and Functionality
Embracing the Long Game: Zoho’s Vision for Sustainable IT Innovation
Author Information
Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
