Logo

Organization Security - Zoho Mail Admin Console

Posted by Nishi on 22 June 2025

Organization accounts hold a lot of sensitive data and there's a need for certain security rules to make sure your data stays safe and is not compromised. The administrator can protect their user and organization data with the help of email security features like TFA, Suspicious login alerts, and more.  

Suspicious Login Alerts

Zoho Mail has a mechanism to identify logins that are unusual with respect to the user's previous behaviour. These logins are called Suspicious logins. You can choose to send an email to the user whose account registered a suspicious login by enabling the Suspicious Login Alerts option. To enable/disable suspicious login alerts,

  1. Login to the Zoho Mail Admin Console.
  2. Under the Security and Compliance section in the left pane, navigate to Suspicious Login
  3. Enable/ disable the option by switching the toggle to ON or OFF.

S/MIME

S/MIME is an encrypting technology that allows you to protect your emails with the concept of asymmetric cryptography. Learn more about S/MIME.

Enable S/MIME to your organization

  1. Login to the Zoho Mail Admin Console.
  2. Under the Security and Compliance section in the left pane, navigate to S/MIME
  3. Enable/ disable the option by switching the toggle to ON or OFF.

Even though you enable S/MIME to your organization, each user has to be configured with their own S/MIME certificate. You can allow the users to upload their own S/MIME certificate from their mailbox by checking the Allow users to upload their own certificates option. 

Configure S/MIME for a user

In case you want to configure S/MIME to users from the Admin Console, follow the steps below.

  1. Login to the Zoho Mail Admin Console.
  2. Navigate to Users in the left pane, and click on the user you want to configure S/MIME from the listing.
  3. On the user page, click Security from the top menu and navigate to S/MIME in the left menu.
  4. Click Add.​
  5. Choose the email address of the user if the user has multiple email addresses.
  6. Upload the user's S/MIME certificate and provide the certificate password.
  7. Once done, click Upload.​

Note:

  1. The users can upload S/MIME certificates from the mailbox for themselves if the Allow users to upload their own certificates option is enabled. 
  2. Zoho Mail does not provide S/MIME certificates and has to be purchased from your preferred third-party provider.

Two-factor Authentication

Two-factor authentication (TFA) or Multi-factor authentication (MFA) admits access to an account by verifying a static password and a varying passcode. The varying passcode can be an SMS-based OTP, App-based OTP, Yubikey, or Zoho's OneAuth (highly recommended). If one of the passcodesβ€”static (your general password) or variable (the OTP) provided is not correct, then access to the account will be denied. Learn More.

Allowed IP Addresses

Certain organizations expect their users to log in to their mail accounts only from the premises or specific IP addresses. You can restrict access to only authorized locations with respect to the role of your organization users using Allowed IP Addresses. If defined, the users when not part of the specified IP addresses will not be able to access their accounts. Learn More.

Password Policy

Password is the first and foremost gateway for your users to access their accounts. The stronger a password is, the more it gets difficult for a hacker to compromise the same. Although Zoho Mail's default password policy mandates users to create a strong password, you can use the Password Policy option to mandate that your users create passwords that are stronger. Learn More.

SAML Authentication

SAML - Security Assertion Markup Language, developed by the Security Services Technical Committee of "Organization for the Advancement of Structured Information Standards" (OASIS), is an XML-based framework for exchanging user authentication, entitlement, and attribute information. SAML is a derivative of XML. The purpose of SAML is to enable Single Sign-On for web applications across various domains and services. Learn more.

Idle Session Timeout

The Super Administrator of an organization can decide whether an Admin Console session should get locked due to prolonged inactivity. If a super admin enables idle session timeout, Admin Console will get locked and the admins must enter their password to unlock the session. Follow these steps to configure the Idle Session Timeout:

  1. Log in to Zoho Mail Admin Console and select Security & Compliance on the left pane.
  2. Navigate to Idle Session Timeout section under Security and enable Idle Session Timeout.
  3. Select the desired value in the Hours and Minutes drop-downs and click Update.​

When a session gets timed out, admins must enter their password to access the Zoho Mail Admin Console.

Note:

The idle session timeout feature is available only for organizations that use one of our paid plans and will be visible only for the Super Admin.

Was this article helpful?

Subscribe now & Get the latest updates

Zoho Mail Admin Console

Easily manage your organization's email accounts on the go with the Zoho Mail Admin appβ€”available for both iOS and Android. This intuitive mobile console empowers administrators to handle user accounts, settings, and security with justΒ aΒ fewΒ taps.

Manage all your organization's email settings easily with the Zoho Mail Admin Console for streamlined control and performance.

πŸ‘‰ Learn More

Customize and manage Zoho Application Settings through the admin console for optimal app-level configurations.

πŸ‘‰ Learn More

Follow the steps to install and configure the Zoho Mail Extension for Plesk, enabling webmail integration and domain-level control.

πŸ‘‰ Learn More

Ensure GDPR compliance effortlessly by understanding how to handle Zoho Mail Data Subject Requests with step-by-step privacy protocols.

πŸ‘‰ Learn More

Optimize user provisioning and deactivation workflows with the Zoho User Management Guide.

πŸ‘‰ Learn More

Deploy the Zoho Mail Plugin for cPanel for centralized management and quick access to email features within your hosting panel.

πŸ‘‰ Learn More

Implement eDiscovery & Email Retention features in Zoho Mail to meet legal and compliance requirements.

πŸ‘‰ Learn More

Learn how to handle Zoho Mail & Workplace Subscription Management, including renewals, upgrades, and license allocation.

πŸ‘‰ Learn More

Control access levels with Zoho Mail Roles & Privileges, defining what users and admins can see or do within the mail system.

πŸ‘‰ Learn More

Enhance your organization’s inbox hygiene with Zoho Mail Spam Control Settings that block malicious content.

πŸ‘‰ Learn More

Configure your domain and users with this Zoho Email Hosting Setup Guide.

πŸ‘‰ Learn More

Use the Zoho Mail Migration Wizard to transfer emails, users, and settings easily from other platforms.

πŸ‘‰ Learn More

Set up IMAP Autodiscovery Settings in Zoho Mail for easier email client integration.

πŸ‘‰ Learn More

Define and apply Custom Email Policies in Zoho Mail that enforce organization-wide standards.

πŸ‘‰ Learn More

Adjust Organization Email Settings in Zoho Mail for user preferences, default policies, and server-level configurations.

πŸ‘‰ Learn More

Secure Zoho Mail access with the right Firewall Settings configuration using this comprehensive guide.

πŸ‘‰ Learn More

Get an overview of organizational email performance with the Zoho Mail Organization Dashboard.

πŸ‘‰ Learn More

Resolve Domain Verification Failed in Zoho Mail by identifying possible causes and correcting DNS settings.

πŸ‘‰ Learn More

Strengthen your organization’s protection using Zoho Mail Admin Console Security Settings.

πŸ‘‰ Learn More

Plan a successful Email Migration to Zoho Mail with minimal downtime and data loss.

πŸ‘‰ Learn More

Avoid data loss with reliable Email Backup & Recovery in Zoho Mail, ensuring quick restore options.

πŸ‘‰ Learn More

Integrate Zoho Mail with Outlook via the Zoho Mail Outlook Add-In for improved productivity.

πŸ‘‰ Learn More

Streamline team communication by creating Email Groups or Distribution Lists in Zoho Mail.

πŸ‘‰ Learn More

Use the Zoho Mail Toolkit for admins to quickly resolve issues, perform diagnostics, and enhance configurations.

πŸ‘‰ Learn More

Track email security events through the Zoho Mail Security & Compliance Dashboard.

πŸ‘‰ Learn More

Learn how to Search in Zoho Mail Admin Console using quick tips and tricks for efficient navigation.

πŸ‘‰ Learn More

Search, compare & buy top business software with FGRADE. Find the best deals on Microsoft 365, Zoho, Google Workspace & more. Shop smart & save big!

Office Address

AWFIS, Ground Floor, DSL abacus it park, Survey Colony, Industrial Development Area, Uppal, Hyderabad, Telangana 500039

Call us: +91 916 056 5554

Email: sales@fgrade.com

Quick Links

Emails +

Cloud-Zimbra Email Backup Bulk Email Dmarc Shield Email Security Email Microsoft 365 Hybrid Email Batch 365 Expert Dmarc Sendgrid Sophos Email Security

Softwares +

Continually-info Astra Dashly.io Offeo Video Maker Bitrix24 Dynamics 365 GreytHR Docusign Team Viewer Freshworks Moosend Sharepoint Development

Security +

Soti-One MobileDeviceManagement Soti Go to Rescue Go to Resolve 42 Gears Sure MDM Seceon Checkpoint Acronis Barracuda

Zoho +

Website +

Website Backup Web Security Bundle SSL Digital Marketing Web Application Firewall Server Security Website AMC

Computing +

Azure GCP AWS VPS Server

Resources +

Freshsales Blog Freshdesk Guide Zoho Mail Zoho Mail Admin Console Google vs Zoho Comparison Microsoft vs Zoho Comparison Compare Zimbra vs. Zoho Mail Expert DMARC Zoho vs Google vs M365 Pricing Calculator