Zoho’s security stack improves businesses’ protections against breaches and attacks

Zoho Corporation announced new safeguards to its reinforced, tightly integrated security tech stack.

Comprised of four solutions—Ulaa, Zoho Directory, Zoho OneAuth, and Zoho Vault—Zoho’s security stack provides businesses the highest level of protection against tracking, breaches, and attacks, without sacrificing employee and organizational productivity.

Today, security breaches are more frequent and costly than ever before. A recent IBM report estimates the global average cost of a data breach in 2023 to be $4.45 million, more than enough to put some companies out of business. To help global organizations defend against growing threats, Zoho’s stack is comprised of a privacy-first browser (Ulaa), workforce identity and access management (IAM) platform (Directory), multi-factor authentication (MFA) solution (OneAuth), as well as a secure password manager (Vault).

“Metrigy’s research data shows that attacks against business applications are continuing to increase, while at the same time, many organizations lack a comprehensive, full-stack approach for protecting themselves against growing risk,” says Irwin Lazar, President and Principal Analyst at Metrigy.

“In addition, adoption of generative AI is growing, with nearly 85% of our research participants using or planning to use it while only 39% have implemented a generative AI security strategy. Zoho’s integrated approach, combining identity and access management with a secure browser provides IT and cybersecurity leaders with an integrated suite of tools to secure application and data access, including generative AI services,” added Lazar.

“We are really pleased that Zoho continues to focus specifically on its security-related offerings,” said Jeff Anderson, VP of IT at Integris Credit Union. “We’ve implemented Ulaa, Vault, and OneAuth, and connected them to over a dozen SaaS applications using Zoho Directory. As a credit union, Integris is entrusted with incredibly sensitive customer data, and we won’t take chances on the security, privacy, and trust of our customers. These tools provide protections we need while offering simplified management for IT, which saves us time and money. Integris Credit Union now uses all four applications in Zoho’s security stack, and I dare say, we could not do without them anymore.”

Key features of the four solutions that comprise Zoho’s security stack:


Ulaa, Zoho’s privacy-first browser, emphasizes data privacy and security, enhancing productivity while blocking web surveillance and tracking. Ulaa now features ML-powered phishing detection, which protects users by identifying and blocking phishing sites with advanced algorithms. Another new feature of Ulaa is its crypto mining detection, enhancing security by preventing unauthorized mining attacks. Superior ad blocking protects user privacy by eliminating intrusive ads and tracking scripts.


Zoho Directory, Zoho’s workforce IAM platform, now helps businesses manage their users, apps, devices, and networks securely and from one single console with one secure credential. With conditional access and routing policies, IT admins can also automate access management without the fear of security breaches.

Users can upload their own encryption keys from an external key manager to encrypt their data thereby ensuring that only they have access to it using the Bring Your Own Key (BYOK). With Zoho Directory Cloud RADIUS, businesses can also now authenticate enterprise WiFi networks and VPNs. Additionally, Windows, Mac, and Linux devices can now be authenticated using Zoho Directory.


OneAuth, Zoho’s multi-factor authentication solution, now offers Smart Sign-in, providing users a faster way to log into their Zoho accounts by scanning a secure QR code. Additionally, Zoho has made it easier to enforce MFA across organizations, enabling administrators to add employees by carrying over their MFA session from web browser to mobile device, removing friction from the adoption process.

OneAuth’s passwordless feature allows Zoho users to enter their username, after which they can log in via a push notification and biometric verification. In case of MFA-fatigue attacks, users can enable Restrict Sign-in and lock accounts from further attempts.

Accessing OneAuth is more secure with App-Lock, whereby unauthorized sessions can be killed remotely with Remote Logout. OneAuth offers encrypted cloud sync, which makes it possible to use the authenticator across devices. Users can recover lost or stolen devices via a Passphrase, which is known only to them, thereby making sync and recovery doubly secure. OneAuth is available in Android, iOS, macOS, iPadOS, watchOS, Wear OS, and Windows.


Zoho Vault, the company’s enterprise password manager, enables businesses to store, share, and manage workforce passwords from anywhere. It offers a password generator, policies, breached password detection, compliance reports, browser extensions, and mobile apps.

Additionally, Vault provides storage of confidential data, including credit card information, private notes, and software licenses, allowing administrators to set and maintain access privileges for employees based on need and compliance. Vault offers browser extensions, mobile apps, and desktop apps for all popular platforms.

“Nothing is more important to Zoho than the privacy and security of not only our customers but their customers, too,” said Raju Vegesna, Zoho’s Chief Evangelist. “That’s why we’re announcing additional safeguards to our integrated security stack, bringing businesses the broad and deep protection needed to defend against today’s increasingly sophisticated attacks. This stack is unlike anything else on the market, providing top security solutions alongside a privacy-first browser, which affords users an additional layer of safety against surveillance and tracking.

More about

Don't miss