Data Security - Zoho CRM

Data Security
MODULE 3

Table of Contents

Overview
Two-Factor Authentication
How it works
SMS Text Message/Voice Call
Google Authenticator
OneAuth
How it works
Touch ID
Push Notification
Scan QR
Time-Based OTP
Verification Codes
Trusted Browsers
Backup Phone Number
Zoho Account Settings
Change Name
Change Password
Change Security Question
Change Preferences
Authorized Websites
User Sessions
Allowed IP Addresses
Add Allowed IPs
Remove Allowed IPs
Audit Log
View Audit Log
Export Audit Log
Data Encryption
Set up data encryption
The Encryption Process in Zoho
Encryption Process

Zoho CRM for Administrators – Module 3

Overview

Managing the complexities of security administration is one of the growing concerns in any enterprise, even more so when it comes to organizations which deal with e-commerce and have large networks. In such demanding times, the availability of security management is extremely crucial, as it can affect all sectors of an enterprise. Organizations which have a large customer base need to have complex security systems in place to keep their data from reaching the hands of unauthorized users.

To fulfill this requirement, Zoho CRM offers many important security measures to make sure that the accounts of customers stay safe and secure from possible hackers and intruders.

These measures are:
- Two-factor authentication
- SMS Text Message/Voice Call
- OneAuth
- Verification Codes
- Trusted Browsers
- Backup Phone Number
- Account Settings
- Allowed IP addresses
- Data Encryption

Lesson A: Authentication (TFA and MFA)

Lesson Objectives

In this lesson, you will:
- Learn about Two-Factor Authentication.
- Know the benefits of Two-Factor Authentication.
- Find out the different modes of authentication.
- Learn how to enable and disable TFA.

Two-Factor Authentication

Two-factor authentication (TFA) is an additional identity-verification step that can keep your account and data secure from potential intruders. In addition to entering their login credentials, users will have to verify their identity by providing a biometric Face ID (on the iPhone X) or Touch ID, confirm their login via a notification on their personal mobile device, or submit a verification code received on the mobile device.

The Multi-Factor Authentication (MFA) app created by Zoho provides additional security. Zoho OneAuth, an industry-standard verification application, gives you four different modes of verification to choose from. You can choose to authenticate your account either through:
- Face ID/Touch ID
- Push Notification
- Scanning QR Code
- Time-based OTP

Benefits
- By offering you an extra layer of security, TFA rules out the probability of an attacker impersonating a user and gaining access to computers, accounts or other sensitive resources. Even if a hacker gets access to the password, he won't have the second element needed to authenticate the account.
- Mobile TFA lets you securely access corporate applications, data and documents from virtually any device or location, without putting the corporate network and sensitive information at risk.
- When it comes to online transactions, TFA gives another layer of security for the website, the transaction and the customer.

How it works

Whenever you try to sign in to your account, you enter your email address and password. Once two-factor authentication is configured, sign-in will require an additional verification step via Zoho OneAuth, Google Authenticator, or an SMS/phone call. Once verified, you will be granted access to your Zoho account.

We recommend using OneAuth, as it both covers offline scenarios and helps you configure secondary devices in case your primary device is lost.

To enable TFA for your account
1. Go to accounts.zoho.com and log in with your registered email address and password.
2. Choose Two-Factor Authentication.
3. Select the Authentication Mode through which you would like to verify (SMS, Google Authenticator, or any other).
4. Follow the steps mentioned to set up, verify and confirm the addition of TFA for your account.

To disable TFA
1. In Zoho CRM, click on your profile and then click the My Account link.
2. Choose Two-Factor Authentication from the menu.
3. Click Disable.

SMS Text Message/Voice Call

In this mode, you will receive a seven digit verification code or a voice call with the verification code for authentication.

To enable SMS Text Message/Voice Call
1. In Zoho CRM, click on your profile and then click the My Account link.
2. Choose Two-Factor Authentication.
3. Select SMS text message/Voice call as your mode.

4. Enter the mobile number to which you want the verification code to be sent.
5. Choose whether you want to receive the code through SMS or voice call and click Text Me.
6. Enter the verification code that you received.
7. Select the Trusted Browser checkbox and click Verify.
8. Enter your account password for security confirmation and click Turn On.
9. Click Continue.
10. Store the backup verification codes using one of these options (Save as text, Print codes or Send email).
11. Add a backup phone number to which the verification code will be sent in case your primary device is inaccessible.
12. Click Send code.

Google Authenticator

Before you choose this mode, install the Google Authenticator mobile app on your phone.

To enable Google Authenticator
1. In Zoho CRM, click on your profile and then click the My Account link.
2. Choose Two-Factor Authentication.
3. Select Google Authenticator as your mode.
   Before you choose this mode, install the "Google Authenticator" mobile app on your phone.
4. Scan the barcode image displayed on the Setup page to configure your account in Google Authenticator.
   If you have any issues with image loading, then you can use the 16 character "secret key" displayed on clicking the Have a problem in loading the image? message to configure your account in Google Authenticator.
5. Enter the verification code that is generated by Google Authenticator.
6. Select the Trusted Browser checkbox and click Verify.

7. Enter your account password for security confirmation and click Turn on.
   Google Authenticator will now be successfully configured for your account.

OneAuth

OneAuth is the Multi-Factor authentication app created by Zoho to add an extra layer of security to your Zoho account and protect it from password breaches. Accounts secured only by login credentials are at risk of being compromised. Anyone who knows or obtains your password can open up your account and take whatever information they want.

Multi-Factor Authentication (MFA) can help protect you from such vulnerabilities by requiring two identity checks. This means that in addition to login credentials, the user must provide further authentication such as a biometric Face ID (on an iPhone X) or a One-Time Password (OTP) shown on a mobile device.

OneAuth provides multiple authentication modes to protect your account so that you can choose the authentication mode that works best for you. With OneAuth, users can implement a robust multi-factor authentication process that's simple to use and requires no additional hardware.

Key benefits
- Stronger security: Your Zoho account will be protected with an industry standard authentication mechanism that makes it harder to hack.
- Facilitates Single Sign on: You can access 14 Zoho apps on your mobile device through a single sign-on.

How it works

Once you've installed the OneAuth application on your phone, you can use your login credentials for access. Set up an MFA mode that you are comfortable with. From there, you'll be able to use the OneAuth app on your mobile device to securely log in to your Zoho account. OneAuth is available in both the iOS App Store and Google Play Store. You can choose from these MFA modes:
- Touch ID

- Push Notification
- Scan QR
- Time-Based OTP

Touch ID

To enable Touch ID
1. In Zoho CRM, click on your profile and then click the My Account link.
2. Choose Two-Factor Authentication.
3. Choose the Authentication Mode as Touch ID.
   Before you choose this mode, install "Zoho OneAuth - Multi Factor Authenticator" on your iOS/Android device.
   If you haven't installed it, you will get a prompt asking you to install it on your mobile device.
   (If you are using the app for the first time, follow steps 4 and 5; otherwise skip to step 6.)
4. Open the app on your device and Sign in with your Zoho account.
5. Tap Switch to MFA (Multi Factor Authentication) on the home page.
   This will take you to the Setup MFA window.
6. In the Setup MFA window, tap the Touch ID mode or click and drag it into the circle.
7. Verify with your fingerprint.
8. Tap confirm.
   A window pops up asking for your Zoho Account password.
9. Enter the password.
   You will be logged out from your active sessions on the web once you enter the password.

To log in using Touch ID
1. Log in to your Zoho CRM account.
   The Zoho OneAuth app on your mobile asks for your fingerprint.

2. Place your finger for fingerprint verification.
   Access is granted once the fingerprint is verified.

Notes:
Uninstalling the OneAuth app will lock you out of your account. Disable MFA for your Zoho Account before you uninstall.

Push Notification

To enable push notification
1. In Zoho CRM, click on your profile and then click the My Account link.
2. Choose Two-Factor Authentication.
3. Choose the Authentication Mode as Push Notification.
   Before you choose this mode, install "Zoho OneAuth - Multi Factor Authenticator" on your iOS/Android device.
   If you haven't installed it, you will get a prompt asking you to install it on your mobile device.
   (If you are using the app for the first time, follow steps 4 and 5; otherwise skip to step 6.)
4. Open the app on your device and Sign in with your Zoho account.
5. Tap Switch to MFA on the home page.
   This will take you to the Setup MFA window.
6. In the Setup MFA window, tap the Push Notification mode or click and drag it into the circle.
7. Tap confirm.
   A window pops up asking for your Zoho Account password.
8. Enter the password.
   You will be logged out from your active sessions on the web once you enter the password.

To log in using push notification
1. Log in to your Zoho CRM account.
   The Zoho OneAuth app on your mobile asks for your approval.
2. Tap Approve to grant access.

Notes:
Uninstalling the OneAuth app will lock you out of your account. Disable MFA for your Zoho Account before you uninstall.

Scan QR

To enable QR code
1. In Zoho CRM, click on your profile and then click the My Account link.
2. Choose Two-Factor Authentication.
3. Choose the Authentication Mode as Scan QR.
   Before you choose this mode, install "Zoho OneAuth - Multi Factor Authenticator" on your iOS/Android device.
   If you haven't installed it, you will get a prompt asking you to install it on your mobile device.
   (If you are using the app for the first time, follow steps 4 and 5; otherwise skip to step 6.)
4. Open the app on your device and Sign in with your Zoho account.
5. Tap Switch to MFA on the home page.
   This will take you to the Setup MFA window.
6. In the Setup MFA window, tap the Scan QR Code mode or click and drag it into the circle.
7. Tap confirm.
   A window pops up asking for your Zoho Account password.
8. Enter the password.
   You will be logged out from your active sessions on the web once you enter the password.

To log in using QR code
1. Log in to your Zoho CRM account.
   The Zoho OneAuth app on your mobile asks for your approval.
2. Scan the QR code from your device to sign in to your Zoho Account.

Notes:
Uninstalling the OneAuth app will lock you out of your account. Disable MFA for your Zoho Account before you uninstall.

Time-Based OTP

To enable Time-Based OTP
1. In Zoho CRM, click on your profile and then click the My Account link.
2. Choose Two-Factor Authentication.
3. Choose the Authentication Mode as Time-Based OTP.
   Before you choose this mode, install "Zoho OneAuth - Multi Factor Authenticator" on your iOS/Android device.
   If you haven't installed it, you will get a prompt asking you to install it on your mobile device.
   (If you are using the app for the first time, follow steps 4 and 5; otherwise skip to step 6.)
4. Open the app on your device and Sign in with your Zoho account.
5. Tap Switch to MFA on the home page.
   This will take you to the Setup MFA window.
6. In the Setup MFA window, tap the Time-Based OTP mode or click and drag it into the circle.
7. Tap confirm.
   A window pops up asking for your Zoho Account password.
8. Enter the password.
   You will be logged out from your active sessions on the web once you enter the password.

To log in using Time-Based OTP
1. Log in to your Zoho CRM account.
   The Zoho OneAuth app on your mobile asks for your approval.
2. Tap View Code to get your One Time Password.

Verification Codes

A verification code is a unique code that is generated when you sign in to your Zoho account.

How can I get a verification code?

You can choose to receive the verification codes either through:
- Your Zoho OneAuth app.
- Your mobile device via an SMS text message.
- Through a call to your mobile device.
- In your Google Authenticator app.

If you requested but did not receive a verification code, then try to use the Resend option to send the verification code. Depending on the mobile service provider, SMS text messages may take some time to reach your device.

What are backup verification codes?

Backup verification codes can be used when you have set up Two-factor authentication on your account and do not have access to your phone. You can either print backup codes, download them as text, or send them to your personal email address. You must keep these codes safe. This will help you access your Zoho account when you don't have your mobile device with you or you have no internet on your mobile device.

To get backup verification codes
1. In Zoho CRM, click on your profile and then click the My Account link.
2. Choose Two-Factor Authentication.
3. In the Two Factor Authentication page, click Manage Backup Verification Codes.
   A set of backup codes will be listed.
4. Click Save as text to save the backup codes locally.
   If required, you can print the backup codes and file them in a safe place. These codes can be used only once, in place of a verification code when you sign in to your account.
5. Click Generate new codes, in case you want to regenerate the backup codes.
   This will delete the existing codes and generate a new set of backup codes.

How can I use backup verification codes?

After entering your login credentials to sign in to your account, click Can't access your phone? in the sign in verification code page and enter any one of the backup codes from the list, to sign in to your account.

Note: If your phone is unavailable, these codes will be the only way to sign in to your account. Make sure to keep them in a secure and accessible place. If you have lost the backup codes, please contact Zoho Accounts support.

Trusted Browsers

The browsers that you have marked as "trusted browsers" on a computer won't ask for a verification code when you sign in to your Zoho account for the next 180 days. This saves you the effort of having to repeatedly enter the code each time you sign in to your account.

To do this, select the Trust this browser option while entering your verification code during sign in.

To view/delete trusted browsers in your account
1. In Zoho CRM, click on your profile and then click the My Account link.
2. Choose Two-Factor Authentication.
3. In the Two Factor Authentication page, click Manage Trusted Browsers.
   This will list the details of the browsers you've trusted on any computer IP address. You can delete a trusted browser at any time from this list using the Remove link.

Note:
Once you revoke the trusted status of a browser in a computer, you will be required to enter
