Zoho Assist introduced Secure Connect on June 15, 2026, adding mandatory multi-factor authentication (MFA) for unattended remote access sessions. This new security layer requires every technician to verify their identity before accessing unattended devices, closing credential gaps that arise when credentials are shared or compromised, according to zoho.com.
The Secure Connect feature enforces MFA across all unattended access without exceptions, ensuring credentials alone no longer grant entry. It also includes a configurable reauthentication timeout, allowing technicians to reconnect to the same device within a set period without re-verifying. Device exclusions can be configured to exempt specific devices from this requirement, as detailed by Zoho's blog.
This enhancement addresses a critical security risk in remote support environments where unattended access occurs outside business hours without end-user presence. By mandating MFA, Zoho Assist aligns with growing industry standards to prevent unauthorized access due to compromised credentials. The move reflects broader trends in SaaS security, where multi-factor authentication is increasingly standard for sensitive access points.
The Secure Connect update is effective immediately for all Zoho Assist users, marking a significant step in strengthening remote support security. Organizations using Zoho Assist can configure MFA settings and device exclusions through the platform's administrative controls, as outlined in the June 15 blog post on zoho.com.