At Zoho, our vision is to serve as the operating system for businesses. Ten years ago, in 2013, we decided to launch a cloud-based password manager app for businesses to help them securely store, share, and manage passwords.
Today, Zoho Vault is one of the most trusted password managers in the market used by over tens of thousands of businesses across the globe. To give you an idea of its scale, Zoho Vault users access over 200k passwords, on average, in a typical business day. But this blog is not about Vault's features or its state-of-the-art architecture; rather, we wanted to walk you through the key people who were behind the screens in our decade-long journey.
Lingeswaran—Head of Engineering
In 2013, cybersecurity awareness was not as prevalent as it is now. Can you tell us why Zoho Vault was started?
Zoho has been at the forefront of cloud-based SaaS apps since the early 2000s, and we have always been dedicated to providing innovative solutions for businesses of all sizes. Our sister division, ManageEngine, had already established itself as a leader in enterprise on-premise privileged password management solutions.
This experience has enabled us to gain valuable insights into the pervasive problem of poor password management practices among millions of small and medium enterprises (SMEs) and large corporations alike.
What were some of the early challenges faced by the team?
In the early stages of our product development, we faced several challenges related to creating a secure and reliable team password management solution. One of the most critical challenges we faced was the question of how to maintain the security of the encryption key.
Encryption is a critical aspect of password management, because it ensures that user data is protected and secure. However, to achieve this, we needed to devise a method for keeping the encryption key secure. This was a complex challenge, as we needed to ensure that the encryption key was protected from unauthorized access, while also allowing authorized users to access it when needed.
Another significant challenge we faced was related to the master password. The master password is a critical aspect of any password management solution, because it provides access to all of the other passwords stored within the application. We required a master password that was separate from the Zoho Account password; this was due to Zoho being a large system that offered many solutions, had the account password open to change from any of these, meaning that it would not be a stable option to utilize as a master password.
Overall, these challenges were critical to the development of our product, as they helped us create a secure and reliable password management solution.
What can we look forward to from the team in 2023?
We're constantly seeking ways to enhance the user experience and provide our customers with password management solutions. We're excited to announce the forthcoming launch of our desktop application, which will bring features our customers know in the web app to desktop devices. In addition, we'll be introducing an option to recover a forgotten master password using biometric authentication or a separate key, adding an additional layer of security to our platform.
Other exciting new features include a revamped password policy report, a passphrase generator, and instant notifications. With these new features, we're confident that Zoho Vault will continue to provide businesses of all sizes with secure, user-friendly password management.
Christopher—Head of Customer Support
Tell us about your initial days taking care of customer support for Zoho Vault?
In 2015, I embarked on an exciting journey with Zoho Vault, joining as a member of the technical support team. My role revolved around diligently addressing customers' concerns and resolving any issues they encountered. Our support team operated with a strong focus on adhering to service level agreements (SLAs), committing to respond to all requests within 24 hours on weekdays. For urgent matters, we swiftly reached out to customers via phone or arranged screen-sharing sessions to provide immediate assistance. From the very beginning until now, we've followed this process diligently. This will continue to be the ethos of Zoho Vault's customer support team.
Witnessing the success and growth of Zoho Vault throughout this journey has been truly remarkable. From my early days as a support team member to now leading the team, I take pride in the progress we've made.
Tell us about your technical support experience before Vault?
In my former role, I was responsible for managing a home office of network routers. I developed a keen interest in the critical importance of IT security. It was this fascination with the subject that led me to explore the world of technical support—and I haven't looked back.
How has the procedure for handling deadlines changed over time?
Previously, our operational procedures at Zoho Vault posed challenges due to their complexity and lengthiness, resulting in a backlog in our workflow. As we grew in number, customer requests kept increasing each day and we recognized the need to streamline our procedures and increase efficiency to meet the demands of our growing business. To address this, we implemented Zoho Desk, a tracking and support system. Zoho Desk streamlined our procedures, allowing us to receive, sort, and solve customer issues faster than before. It automated repetitive tasks and helped free up our time for our support team to focus on complex matters. This transformation accelerated our processes, improved response times, and enhanced customer satisfaction.
Deepak, Engineering Manager
Tell us about your journey with Zoho Vault.
Upon joining Zoho Vault, I started off by working on enterprise features such as single sign on (SSO) and active directory/lightweight directory access protocol (AD/LDAP) integration. I was at a pivotal point in my career, seeking growth and opportunities to advance my skills. Little did I know that the challenges presented during my initial stage with the product would not only facilitate my personal and professional growth but also help us build a comprehensive solution that would make the lives of thousands of customers a lot easier.
I see how so much of this would not have been possible without the team's culture. As a team, we had encountered several technical obstacles in our early days, but we were able to overcome these problems together, as a team, because of the foundation that had been built. We put the product and customer needs at the forefront and we continue to do so even today. Now that we're tasked with expanding our teams, we look to share the same core values with our new members.
How was the evolution of product from targeting small teams to larger enterprises?
In its early stages, Zoho Vault was introduced with three distinctive plans catering to personal, standard, and professional editions. As we aimed to attract enterprises, we dedicated ourselves to building a comprehensive solution that would appeal to larger organizations.
Our efforts resulted in the integration of key functionalities such as access control, AD/LDAP integration, and SSO for cloud applications. Notably, our scalable platform is capable of supporting small teams as well as large enterprises with thousands of users. Our flexible pricing plans and customizable features allow businesses to seamlessly adapt to evolving needs by adding new users, customizing password policies, and integrating with new applications.
To further demonstrate our commitment to meeting industry-specific compliance requirements, Zoho Vault is designed to comply with regulatory frameworks such as HIPAA, GDPR, and SOC 2. Our platform also includes features such as role-based access control, audit trails, and two-factor authentication to ensure optimal data security and compliance. All of this allowed us to create the enterprise level offering we have today.
What are some features of Zoho Vault that really stand out to you?
Zoho Vault offers a range of features, and we try to constantly create new features that enhance the overall experience of the customer. Of these, access control is a vital feature that stands out as a robust and granular system. It grants users restricted access to shared credentials and enhances password security.
The SSO for cloud apps feature is another of my favorites. With a single set of credentials, it allows for smooth access to multiple cloud applications, without needing to remember numerous login details. This doesn't just streamline the login experience for customers, it also helps minimize the number of credentials managed by users.
User/group sync is another feature that is relatively unique in how it simplifies user management by automating the synchronization of user and group information across platforms and services. It ensures consistency and accuracy in user permissions and access rights.
Lastly, the emergency access feature provides an additional layer of security and preparedness. It allows authorized personnel to gain temporary access to critical accounts or sensitive information in unforeseen circumstances. This feature can help swiftly handle urgent situations without compromising data integrity, ensuring the continuity of operations when faced with critical scenarios.
Features like this as well as others are important in providing enhanced security, convenience, and efficiency in managing and protecting sensitive data, and are my favorite parts about Zoho Vault.
Suparno, Lead Engineer, Zoho Vault — Browser Extensions
How was your initial period here at Zoho Vault?
A part of my initial foray was to work on the browser extension. With practice and guidance from my peers and seniors, I developed a better understanding of the subject matter. As my responsibilities increased, I was tasked with developing a cryptography library in Python. This project allowed me to gain a deeper understanding of the algorithms employed by Zoho Vault.
Next, I was assigned the quick add feature, which gave me an opportunity to work directly on the web application. Through this, I was able to familiarize myself with the development practices employed by the team, which was an invaluable learning experience.
Overall, working with the Zoho Vault team has been an incredibly rewarding experience that has allowed me to grow to leading development on the browser extension.
Why is the browser extension important for a tool such as Zoho Vault, and what sets its apart from the web app?
One of the primary reasons the extension is important is because it simplifies the login process for users. With just a click, the extension can automate the login process by filling in the user's credentials, saving them time and effort. In addition, the extension can detect any manual sign-in attempts and prompt users to save or update their data into Vault, ensuring that the data is always up-to-date and secure.
Another valuable feature of the extension is its ability to auto-fill payment card information. Users can store their card details securely in Vault and then use the extension to auto-fill the information when making online purchases, reducing the risk of human error and enhancing the user experience.
The Zoho Vault extension also provides users with the ability to change their passwords easily and securely. With just a few clicks, users can trigger a change password action, and the extension will launch the website and automatically perform the necessary actions to change the password.
While many of these features can also be accessed through the web app, the extension offers a level of convenience that cannot be matched. Without the extension, auto-filling cannot be done, and users must enter their credentials manually each time, which can be time-consuming and increase the risk of errors. Therefore, the Zoho Vault extension is an essential tool for users who want to simplify their login process, enhance their security, and streamline their online activities.
What are some features that will be coming from the extension?
One upcoming feature is the OneAuth integration for time-based one-time password (TOTP) autofill. This is a two-factor authentication technique that provides an important additional layer of security to the authentication process. With OneAuth integration, users can easily integrate TOTP secrets along with the stored passwords in Zoho Vault. During the auto-login phase, an approval notification is sent to OneAuth, and the user can approve the notification sent to OneAuth, immediately after which the Zoho Vault extension receives the TOTP which is then auto-filled, eliminating the need to manually enter the code.
In addition to TOTP autofill, another upcoming feature in Zoho Vault is the address filling capability. With this feature, users can store their addresses in Zoho Vault and use the extension to auto-fill the address fields during checkout processes. This eliminates the need to enter the address details each time manually, making the checkout process faster and more efficient.
These features demonstrate Zoho Vault's commitment to providing a comprehensive and secure password management solution that addresses the evolving needs of businesses and individuals alike.
Meenakshisundaram R, Senior Product Marketer
Can you tell us about the differences in marketing a regular SaaS app as opposed to a cybersecurity app?
Marketing any app requires a unique approach and cybersecurity apps are no different in this regard. Unlike applications such as mailing software that have a visibly universal need, the need for cybersecurity apps is not as widely recognized. Marketers of security apps face the hurdle of not only differentiating their products but also driving awareness of the need for such applications, especially because there is a large untapped audience out there. To make matters more complex, many security apps can be jargon-heavy, and non-technical users can easily become overwhelmed with technical terms. This can be a detrimental factor for product adoption.
Additionally, users no longer adopt security solutions solely for security purposes but also focus on user productivity metrics. Therefore, marketers of security SaaS apps must strike a balance between emphasizing the importance of cybersecurity and highlighting the user productivity benefits of their products.
Can you share some interesting marketing campaigns that you've worked on?
A campaign that was interesting and challenging was the rebranding of our user interface in 2019. We were tasked with rebranding the entire user experience while retaining the USP of Zoho Vault. From product terminologies to user navigation, we had to oversee numerous changes without changing the core message of the brand. It was more than just an aesthetic change, because we also wanted to simplify every user's onboarding experience while also making existing users' journey to the new interface frictionless. We wanted to channel our marketing efforts to reflect this product update. It was an extensive exercise that I loved working on.
What was your favorite thing about working with the Vault team?
Working within the Zoho Vault team has been an incredibly enriching experience. It has been wonderful to work with such a talented group of professionals who are always open to feedback and ideas, both from within the team and from external stakeholders.
The team's strong commitment to quality and continuous improvement has been a driving force behind the product's success. I have always been in awe with the level of collaboration and teamwork that is fostered within the team, creating a culture of openness, transparency, and mutual respect. I'm proud to be a part of this culture and to have contributed to the ongoing success of Zoho Vault.
Thank you for being a part of the Zoho Vault community. We'll discover more in the next blog post in this series, where we'll meet other members of the Zoho Vault team.
If you're interested in learning more about how you or your organization can benefit from using a password manager, get in touch with our Zoho Vault experts for more product information and a demo.