Menu
Become a Client
Krista Case

Advancing the Zoho Enterprise Security Stack

Advancing the Zoho Enterprise Security Stack

The News: Zoho introduces a number of capabilities to simplify and strengthen security for its enterprise customers. Additional detail is available in Zoho’s press release.

Advancing the Zoho Enterprise Security Stack

Analyst Take: Today, a hybrid mishmash of working from home and other remote locations as well as more traditional office settings has become the norm for most businesses. This greatly expands the traditional attack surface, as traditional office security measures may not extend to employees’ personal devices or unsecured home networks, creating potential entry points for hackers. Additionally, managing access controls becomes more complex as employees shift locations, potentially increasing the risk of unauthorized access to sensitive data. At the same time, cybersecurity has become a board-level priority. The Futurum Group’s Cybersecurity Decision Maker IQ data indicates that more than half of organizations consider the CIO to be the most influential purchase decision-maker in their organization for cybersecurity technology, and well over one-third considers the CISO.

Against this backdrop, the challenge for organizations becomes facilitating this user productivity, while also optimizing security measures to protect against the modern threat landscape. For its part, Zoho has been investing for years in the development of the Zoho Enterprise Security Stack, to optimize the security of its cloud-hosted enterprise apps, which include CRM, accounting, human resources management, project management, inventory management, and email and communication.

The company’s objective is to simplify enterprise security by offering a platform that is inter-connected – that is, the Zoho apps themselves are integrated, and customers can connect with other tools such as Microsoft Active Directory or SIEM platforms that are used for important functions such as controlling user access to data and network resources, threat detection, and incident response. Specifically, the core components of the Zoho Enterprise Security Stack are:

  • Zoho Vault for password management
  • Zoho OneAuth for multi-factor authentication (MFA)
  • Zoho Directory for workforce identity and access management (IAM)
  • Zoho Ulaa, a secure browser.

Zoho is announcing a number of additions and enhancements to its security stack that are geared primarily toward protecting user identities, preventing phishing and other social engineering attacks and improving the ability to detect attacks. Specifically, it has announced:

The ability to have one centralized credential for access to all Zoho applications, with conditional access for adaptive protection as users’ requirements and the threat landscape evolves. For example, a user can be automatically locked out based on failed login attempts. A key differentiator is that Zoho supports both device- and network-based authentication, for a comprehensive approach.
The ability to use a passkey to autofill passwords and MFA credentials that are stored in Zoho Vault, as a result supporting users’ productivity.
AI-supported behavioral threat analytics, which can support phishing prevention and crypto mining protection. It is material to note that Zoho’s AI capabilities are home-grown; they are not based on an open-source model such as Google Gemini or OpenAI.

The Futurum Group views the announcement as another example of Zoho’s now long-standing focus on investing R&D in security capabilities that are into its products, as well as those that are used from a customer perspective – as opposed to bolt-on, acquired technologies that may have trouble integrating. What’s more, these capabilities are addressing the fact that attackers are increasingly targeting user identities and credentials – that is, logging in versus hacking in – which is a particular threat as users work across a variety of applications, devices, and even networks.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other Insights from The Futurum Group:

Zoho CEO Sridhar Vembu on the Long Game, Transnational Localism, and the Future of AI

Zoho Strategy Melds Social Responsibility, Value, and Functionality

Embracing the Long Game: Zoho’s Vision for Sustainable IT Innovation

Author Information

Krista Case

Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Related Insights
Okta Q4 FY 2026 Earnings Highlight Agentic Identity Positioning
March 6, 2026
 

Okta Q4 FY 2026 Earnings Highlight Agentic Identity Positioning

Dion Hinchcliffe is Vice President & Practice Lead, CIO & Technology Buyers reviews Okta’s Q4 FY 2026 earnings, focusing on agentic identity positioning, evolving pricing models, and how large-customer platform...
Dion Hinchcliffe
Commvault-CrowdStrike SIEM Link Tests Bi-Directional Resilience
March 6, 2026
 

Commvault-CrowdStrike SIEM Link Tests Bi-Directional Resilience

Fernando Montenegro, VP and Practice Lead, Cybersecurity at Futurum, examines how Commvault’s bi-directional integration with CrowdStrike Falcon Next-Gen SIEM enables shared backup-integrity telemetry to fasten recovery after cyberattacks....
Fernando Montenegro
CrowdStrike Q4 FY 2026 Earnings Extend ARR Scale and AI Security Focus
March 6, 2026
 

CrowdStrike Q4 FY 2026 Earnings Extend ARR Scale and AI Security Focus

Fernando Montenegro, VP Cybersecurity at Futurum, highlights CrowdStrike’s Q4 FY26 earnings: Falcon expands into AI security, identity, and browser runtime, underscoring consolidation-driven cybersecurity strategies....
Fernando Montenegro
S3NS & Sovereignty Can Thales-Google Venture Make AI Sovereignty Work at Scale
March 5, 2026
 

S3NS & Sovereignty: Can Thales-Google Venture Make AI Sovereignty Work at Scale?

Nick Patience, VP & Practice Lead for AI Platforms at Futurum Research, assesses S3NS’s progress following its SecNumCloud qualification, evaluates the sovereign AI roadmap, and examines what the Thales-Google Cloud...
Stellantis FY 2025 Earnings Reflect Reset Costs as H2 Momentum Builds
March 4, 2026
 

Stellantis FY 2025 Earnings Reflect Reset Costs as H2 Momentum Builds

Olivier Blanchard, Research Director at Futurum, reviews Stellantis FY 2025 results, focusing on the customer-led reset, product cadence, quality execution, and what the H2 recovery signals for 2026....
Olivier Blanchard
SentinelOne’s Identity Catch-Up Tests Its Endpoint-Led Platform Story
March 4, 2026
 

SentinelOne’s Identity Catch-Up Tests Its Endpoint-Led Platform Story

Fernando Montenegro, VP and Practice Lead, Cybersecurity at Futurum, examines SentinelOne’s identity portfolio expansion and its approach to securing human and non-human identities, including autonomous AI agents, browsers, and AI...
Fernando Montenegro

Welcome to The Futurum Group

Login to The Futurum Group
Login to Futurum Intelligence Platform
Login to Futurum Labs Research Library

Book a Demo

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.