Posted by Nishi on 24 January 2025
The security and compliance dashboard in the Zoho Mail Admin console provides an overview of all the recommended security configurations. It displays the overall security and compliance score along with the completion status for each action.
The security and compliance score assesses your progress in completing the recommended actions to improve your organisation's security. The highest score indicates that your organisation is highly secure against all types of spoofing, account breaches and any data leaks, while the lowest score indicates that your organisation is vulnerable to a security breach. It is recommended to complete all the mentioned actions to keep your data secure.
The security threats that we protect you from include:
Certain security actions, such as MX records and SPF verification, are configured automatically. Click Incomplete to quickly view the list of pending security actions.
Security Parameters | Description |
--- | --- |
DKIM Verification | DKIM is an email authentication method that uses encryption to validate if an email is generated from systems authorized by the domain administrator. Emails are detected as spam in case of DKIM Failure. |
DMARC Verification | DMARC is an email authentication protocol, which builds on the widely deployed SPF and DKIM protocols. In case of authentication failure, the DMARC policy is set to quarantine. |
DMARC Policy | DMARC is an email authentication protocol. It builds on the widely deployed SPF and DKIM protocols. Additionally, it includes a reporting function that allows senders and receivers to monitor and protect their domain from fraudulent email. |
DNSBL Verification | DNSBL is a consolidated blocked list based on user spam marking, abuse patterns, and certain third-party blocklists. Emails are detected as spam if the sending domain, email address, or IP address is present on the blocked list. |
SPF Verification | Sender Policy Framework, commonly known as SPF, is a text record associated with the domain to identify the servers permitted to send emails using the particular domain name. Emails are detected as spam in the case of SPF Failure and SPF Soft Failure. |
Suspicious Login Alerts | Suspicious Login Alerts, if enabled, send an email alerting users to any unusual logins to their email accounts. |
Organization-wide TFA | Two-factor authentication is an additional security process to secure organization accounts with the combination of a password and a mobile device. You can choose to enable or disable TFA for your organization. |
MX Record Configuration | MX records are special DNS Server records that designate recipient email servers for your domain. Configuring MX records for your domain ensures that all emails addressed to your domain are sent to the Zoho servers. |
SPF Record Configuration | SPF is an authentication mechanism that helps in identifying the IP addresses permitted to send emails using the domain name. |
DKIM Configuration | DKIM is an email validation system that uses encryption to validate if an email has been sent from authorized servers configured by the administrator of the domain. |
S/MIME Configuration | Secure/Multipurpose Internet Mail Extensions (S/MIME) provides high-level security to your organization's emails. This encrypts the content of the email using keys, and curbs any misuse. It ensures that only authorized personnel can access your data. |
No Trusted Senders | Emails from email addresses that are added to the Trusted Emails List get delivered to the mailbox without any spam check. These emails will not be validated for SPF/DKIM/blocklist checks. Please be doubly cautious before you add any email address to this list, as it may expose the organization to spam/phishing attacks using this email address. |
No Trusted Domains | Emails from domains that are added to the Trusted Domains List get delivered to the mailbox without any spam check. These emails will not be validated for SPF/DKIM/blocklist checks. Please be doubly cautious before you add any domain to this list, as it may expose the organization to spam/phishing attacks using this domain. |
Cousin Domain Verification | Cousin domains or look-alike domains are spoofed domains with names similar to valid domains. If you expect a domain to send genuine emails, but want to mark an email from any other variations of the domain name as spam, you can add it in this section. |
Display Name Verification | You can set up a display name and associate one or more email addresses with this display name. Emails that arrive with display names other than the ones added here will be considered fraudulent or spoofed emails. |
Internationalized Spam Settings | You can allow or reject emails based on the language used in the email. If you allow certain languages, emails sent in those languages will be allowed and all the other emails will be moved to spam. Similarly, if you block certain languages, emails sent in those languages will be moved to spam and other emails will be allowed. |
Group Privilege Settings | You can choose who is allowed to create organization and personal groups under group privileges settings. By default, the super admin will have all the privileges in the organization. |
After you complete the security settings, click the tooltip next to each security Action to view the current configuration. You can modify the settings based on your organization's requirements.
Note:
This security feature will be available only for organizations that are using one of our paid plans.
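The SPF and DMARC rows in the table describe DNS TXT records that can also be checked outside the dashboard. The following is an added example, not Zoho's code: it audits TXT record strings for an SPF `all` qualifier that does not fail unlisted senders and for a DMARC policy that does not enforce. The domain names, record values and function names are constructed for illustration.

```python
import re

# Constructed sample TXT records, as a DNS lookup would return them (not real domains).
SAMPLES = {
    "weak.example": {"spf": ["v=spf1 include:spf.mailhost.example ?all"],
                     "dmarc": ["v=DMARC1; p=none"]},
    "strict.example": {"spf": ["site-verification=constructed123",
                               "v=spf1 include:spf.mailhost.example -all"],
                       "dmarc": ["v=DMARC1; p=quarantine; rua=mailto:dmarc@strict.example"]},
}

def audit_spf(txt_records):
    """Return findings for the SPF record among a domain's TXT records."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:  # zero records: no policy; several: receivers report a permanent error
        return ["expected exactly one SPF record, found %d" % len(spf)]
    matches = [re.fullmatch(r"([+\-~?]?)all", t) for t in spf[0].lower().split()[1:]]
    qualifiers = [m.group(1) or "+" for m in matches if m]  # bare "all" means "+all"
    if not qualifiers:
        return ["SPF has no 'all' mechanism; check any redirect= target"]
    if qualifiers[0] in "+?":  # only "-" (fail) and "~" (softfail) mark unlisted senders
        return ["SPF ends in %sall, so unlisted senders are not failed" % qualifiers[0]]
    return []

def audit_dmarc(txt_records):
    """Return findings for the TXT records published at _dmarc.<domain>."""
    recs = [r for r in txt_records if r.strip().lower().startswith("v=dmarc1")]
    if len(recs) != 1:
        return ["expected exactly one DMARC record, found %d" % len(recs)]
    tags = dict(p.strip().split("=", 1) for p in recs[0].split(";") if "=" in p)
    tags = {k.strip().lower(): v.strip() for k, v in tags.items()}
    findings = []
    policy = tags.get("p", "").lower()
    if policy not in ("quarantine", "reject"):
        findings.append("DMARC p=%s does not enforce" % (policy or "<missing>"))
    pct = tags.get("pct", "100")
    if not pct.isdigit() or int(pct) < 100:
        findings.append("pct=%s applies the policy to only part of the mail" % pct)
    if "rua" not in tags:
        findings.append("no rua= address, so no aggregate reports are received")
    return findings

def audit(domain):
    """Combine both checks for one of the constructed sample domains."""
    sample = SAMPLES[domain]
    return audit_spf(sample["spf"]) + audit_dmarc(sample["dmarc"])

if __name__ == "__main__":
    for name in SAMPLES:
        print(name, audit(name) or "OK")
```

An empty list means both records pass these checks; to audit a live domain, pass in the TXT strings returned for the domain and for `_dmarc.<domain>`.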