Zoho Corporation Limited

ManageEngine Patch Manager Plus: Unified patch management and vulnerability remediation solution

A unified patch management solution that streamlines and automates the patch management lifecycle of an enterprise, from testing to deployment of the patches and generating reports. It supports patching across servers, workstations, and laptops and deploys patches to Windows, macOS, Linux, drivers, BIOS, antivirus, and 850+ applications on various networks.

Features

• Detection and remediation of missing patches in real time.
• Automated patch deployment to simplify the patch management lifecycle.
• Patch testing and approval for operating system and application updates.
• Integrations with vulnerability management, remote control, and ITSM solution.
• On-demand patch distribution via Self Service Portal for patches.
• Deploy patches across LAN, WAN, DMZs, and WFH users.
• Deploy N-1 or the latest patches as per enterprise requirements.
• Patch prioritisation and deployment based on severity and CVSS scores.
• Flexible pre and post-deployment policies allowing skip or postpone reboot.
• Patch compliance management and reports generation from a single dashboard.

Benefits

• Reduces manual patching dependencies by automating the patch management process.
• Offers centralised visibility to monitor vulnerability detection and mitigation.
• Supports patching in various networks including DMZs and WFH users.
• Enhances vulnerability mitigation in endpoints using risk-based and severity-based prioritisation.
• Versatile patching with cross platform support from a single dashboard.
• Ensures minimum hindrance to employee productivity with flexible reboot policies.
• Boosts network patch compliance with holistic reporting and rapid analysis.
• Flexibility in installing patches to users via Self Service Portal.
• Rapid issue resolution via support and connect with user community.
• Recurring patch deployments that you can set and forget.

£276 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at zohouk-gcloud@eu.zohocorp.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

841222190824024

Contact

Sreyas Benjamin
+44 2038072092
zohouk-gcloud@eu.zohocorp.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Patch Manager Plus integrates with an ITSM solution such as ServiceDesk Plus and an IT analytics solution such as Analytics Plus. Additionally, users can also integrate with vulnerability management solutions such as Tenable and Rapid7 to import vulnerabilities detected by them and mitigate them from the Patch Manager Plus console.
• Cloud deployment model: Private cloud
• Service constraints: Patch Manager Plus requires its agents to be installed in the managed end-user machines. As a cloud solution, the service undergoes planned maintenance and enhancements from time to time which are intimated over various communication channels such as forum, email, and product banner. Service updates are regularly posted in status.manageengine.uk where the user can find the detailed account of any planned/unplanned maintenance.; ; Furthermore, Patch Manager Plus can be used to manage patching for only Windows, macOS, certain Linux flavours, and specific third-party applications. The detailed list of supported flavours and applications can be found at manageengine.com/patch-management/supported-applications.html
• System requirements:
  • Appropriate Internet Connectivity.
  • Browser application.
  • Minimum screen resolution should be 1280x1024 pixels or higher.
  • Distribution Server for bandwidth optimisation.
  • A license is required to manage over 25 endpoints.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Severity Level along with their Acknowledgement Time:; ; 1) S1 – Major - Within 4 regional business hours; ; 2) S2 – Moderate - Within 12 regional business hours; ; 3) S3 – Low - Within 24 regional business hours ; ; Weekend Support is available for customers opting for Premium Support.; There are no differences in response time or priority during the weekends in Premium Support.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: We have Chat option within the product to interact with a human support representative. Apart from requesting support within the product, users can also access our web chat support by visiting our webpage and clicking on the support icon located at the bottom right.; In terms of accessibility, we ensure:; 1) Mouseless intervention; The application has been made entirely usable without the need for a mouse device. The product supports mouseless intervention, which allows navigation throughout, by using the following keys:; ●Tab for navigating forward; ●Shift+Tab for navigating backward; ●Enter/Return for option selection; 2) Zoom controls and font size; The application is entirely adaptable with Zoom control support of 80% to 125% irrespective of the device being used, whether a large device or small, enhancing the overall product visibility. ; It supports maximum readability by allowing adjustments to the font size of the content/text within (small, medium, or large) as the user desires, enhancing clarity and legibility.; 3) Screen reader compatibility; Our application being text-only, allows the usage of the screen reader extensions enabling the focus area on the screen (either through the Tab key or mouse click) to be read out aloud, making all the content accessible.
• Web chat accessibility testing: The application has been tested using manual testing methods for navigation and readability. Screen reader compatibility has been tested with the Chromevox extension, which reads the focus content on the screen aloud.
• Onsite support: Yes, at extra cost
• Support levels: ManageEngine offers two tiers of support: Classic and Premium. ; 1) Classic Support: With Classic support, you can reach out to our support team through email or chat during regional business hours. Our support specialists will work on the case and, if needed, will provide support over a remote session at the earliest availability. And you get access to our product upgrades and other online resources. Classic support is included, free of charge, with your Subscription license of any ManageEngine product.; 2) Premium Support: Purchasing premium support gives you the boost you need to configure and successfully deploy the ManageEngine product for your business. In addition to the services included in our Classic support, Premium support gives you a single point of contact, quicker turnaround time, and 24-hour multi-channel assistance (including telephone support).
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Once a user signs up for Patch Manager Plus, there are multiple ways to get up and running with Patch Manager Plus and gain product proficiency.; ; 1. In-product onboarding: In-product guidance and instructions that activate users and familiarise them with the platform after signing in for the first time.; ; 2. Paid Product Support: Apart from classic support, Patch Manager Plus provides a dedicated team of solution engineers and product experts help users to get started with configuring Patch Manager Plus practices through a variety of paid programs.; ; 3. Online documentation: Patch Manager Plus provides in-depth help documentation that is hosted online at https://www.manageengine.com/patch-management/help.html, which provides detailed guidance for administrators, technicians, and end-users. ; ; 4. Patch Tuesday videos: Apart from help documentation, Patch Manager Plus also maintains a repository of video tutorials with our product experts on the latest Patch Tuesday updates released every month which can be found at https://www.manageengine.com/patch-management/patch-tuesday.html; 5. Dedicated Technical Account Managers: Patch Manager Plus' Technical Account Managers travel around the globe meeting customers in their offices for on-site health checks. ; ; 6. In-person events: ManageEngine also hosts in-person workshops and user conferences to help train customers on the product capabilities with an option to avail product associate certification.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: After the evaluation period, users will be prompted to move to the free edition of Patch Manager Plus (maximum 25 endpoints). If the user does not move within 3 months (after repeated follow-ups), user data will be archived and will be deleted from our internal records after 3 subsequent months. ; A licensed user can terminate a contract by deleting their org within the application console during which the user is given the chance to download a copy of basic inventory data.
• End-of-contract process: Once the contract period ends, in the absence of any renewal contract, the Endpoint Central license is deprecated to the standard edition that is free to use up to 25 endpoints and 1 technician.; Upon termination of a user account, user data gets deleted from the active database during the subsequent clean-up that occurs once every 6 months. The data deleted from the active database will be deleted from backups after 3 months. During the offboarding process, we provide the option to export data and ensure that all sensitive information is securely transferred or deleted as per our privacy policy.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Users will be able to access core modules of Patch Manager Plus on their mobile devices (via a dedicated Android/iOS app) with minimal variations compared to the desktop experience. The navigation and user experience have also been optimised for mobile view.; The application has been scaled to fit mobile devices with reduced functionality It is not available for offline use and proper internet connectivity is required for syncing the latest data.; Some of the list of available functionalities are Scope of Management, Patch management, summary, scan systems, supported patches, and so on.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: IT admins/technicians/evaluators/analysts can access the product console (service interface) on browser-only platforms (for desktops) and iOS/Android app (for mobile devices). The Self Service Portal for patches which enables end users to deploy patches as per their requirements is available from the taskbar of the managed endpoints on the user end. ; The user interface hosts a dashboard that offers admins a holistic view of the network. Additionally, all other actions can be performed from the menus. The broader menus are placed at the top of the screen horizontally. On clicking each, several other functionalities open up on the left sidebar.
• Accessibility standards: None or don’t know
• Description of accessibility: Patch Manager Plus is accessible over a user-friendly web interface that is accessible through major web browsers such as Google Chrome, Microsoft Edge, Safari, and others. Service interface does not override the user’s individual display attributes (such as contrast and colour). Service interface does not have elements that flashes/blinks at high frequency.
• Accessibility testing: ManageEngine is working to reach WCAG accessibility standards for Patch Manager Plus Cloud. We are yet to perform any interface testing with users of assistive technology.
• API: Yes
• What users can and can't do using the API: The Patch Manager Plus API facilitates easy integration with the existing infrastructure using REST APIs. Users can perform various patching activities easily from a single console. ; ; Prerequisites to use Patch Manager Plus API:; Patch Manager Plus REST API supports OAuth 2.0 protocol to authorise and authenticate API calls. ; The steps to generate an OAuth token are as follows:; 1) Generate <Client ID> and <Client Secret>.; 2) Authorisation by generating the <grant token>. ; 3) Generating <Access> and <Refresh Token>.; 4) Generate <Access Token> from <Refresh Token>.; ; The available functionalities accessible through APIs are:; 1) Scope of Management (SoM); 2) Patch Details; 3) Automatic Patch Deployment; 4) Patch Configuration; ; In case the user has removed or regenerated the Auth Token, then the existing token will become invalid and cannot be used in API requests.; In case the user is deactivated, then all the Auth Tokens of the user's account will become invalid.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Administrators have the flexibility to personalise the look and feel of the console according to their preferences. Administrators can configure user accounts, provide role-based access, reorganise the menu bar, rebrand the console, and generate customised reports based on inventory parameters. Further service level customisation can be qualified upon request to Support.; ; The customisations can be made free of cost. However, for further service level customisations, when the user reaches out to the support, it will be qualified by ManageEngine if those can be made free of cost or upon a fee.

Scaling

• Independence of resources: We have a distributed network of servers across the globe that ensures service uptime and efficient content delivery with minimal latency. Individual Customer data is logically separated within a database to ensure data security and privacy. Failover and load-balancing systems are put in place for overall reliability and seamless resource utilisation.

Analytics

• Service usage metrics: Yes
• Metrics types: 1) Users can view their license information (like endpoints used, expiry, add-ons utilised).; 2) Users are offered Uptime/Downtime metrics (availability of the cloud service over a year). There is a provision of user communication for planned maintenance, downtime, and RCA.; 3) Details of the Automate Patch Deployment (APD) tasks are notified to the admins (if configured) via mobile app and email.; 4) Status of patch approval (approved/failed) is notified to the admins (if configured) via mobile app and email.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Sensitive customer data at rest is encrypted using 256-bit Advanced Encryption Standard (AES). The data that is encrypted at rest varies with the services you opt for. We own and maintain the keys using our in-house Key Management Service (KMS). We provide additional layers of security by encrypting the data encryption keys using master keys. The master keys and data encryption keys are physically separated and stored in different servers with limited access.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Patch Manager Plus allows you to export reports as PDF, CSV, and XLSX. In addition, users can mask/remove any Personally Identifiable Information (PII) from their reports. These can be exported from the Reports section in the console. Also, individual reports for the functionalities can be exported from the respective views, i.e. Manual Deployment, Automate Patch Deployment, Test, and Approve.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • .xlsx
  • .pdf
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: We mandate all connections to our servers use Transport Layer Security (TLS 1.2/1.3) encryption with strong ciphers including web access,API access,our mobile apps, and IMAP/POP/SMTP email client access. For email, we leverage opportunistic TLS that encrypts and delivers email securely, mitigating eavesdropping between mail servers where peer services support this protocol.; ; Full support for Perfect Forward Secrecy (PFS) with encrypted connections ensuring that even if we were somehow compromised in future, no previous communication be decrypted. Enabled HTTP Strict Transport Security header (HSTS) to all our web connections. Additionally, on the web we flag all our authentication cookies as secure.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: We use firewalls to prevent unauthorised access and undesirable traffic. Systems are segmented into separate networks to protect sensitive data. Network security and monitoring techniques are designed to provide multiple layers of protection and defence. Systems supporting testing and development activities are hosted in a separate network from production infrastructure. We monitor firewall access regularly everyday and also once every six months. Our dedicated Network Operations Centre team monitors the infrastructure and applications for any suspicious activities. All crucial parameters are monitored using our proprietary tool and notifications are triggered in any instance of abnormal or suspicious activities.

Availability and resilience

• Guaranteed availability: To prevent the risk of technical issues causing delays, the ManageEngine team implements several measures. ; 1) We have a proactive approach to outage avoidance, ensuring that our systems are robust and resilient. ; 2) We conduct regular service performance planning to optimise the performance of our platform and minimise the chances of technical issues. ; 3) We measure downtime meticulously to identify any areas of improvement and take necessary actions to minimise it. ; 4) In ManageEngine, a proper Business Continuity Plan (BCP) & Disaster Recovery (DR) are in place. The data from our primary data centre is streamed continuously to our DR data centre. Hence, in case of any disaster in our primary data centre, the DR data centre will take over and continue serving with minimal delay, ensuring high availability. Additionally, we are prepared to handle ad-hoc service needs by having a dedicated support team available to address any technical issues promptly. ; Our average monthly service uptime is 99.9%. The live service availability status can be seen at status.manageengine.uk or status.manageengine.com or status.manageengine.eu depending on your hosting location.; Upon request, ManageEngine will, as per the terms and conditions of its Service level agreement, provide service credits.
• Approach to resilience: Application data is stored on resilient storage that is replicated across data centres. Data in the primary DC is replicated in the secondary in near real-time. In case of failure of the primary DC, the secondary DC takes over and the operations are carried on smoothly with minimal or no loss of time. Both the centres are equipped with multiple ISPs.We have power back-up, temperature control systems, and fire-prevention systems as physical measures to ensure business continuity. These measures help us achieve resilience. In addition to the redundancy of data, we have a business continuity plan for our major operations such as support and infrastructure management.
• Outage reporting: We have a dedicated incident management team. We notify you of the incidents in our environment that apply to you, along with suitable actions that you may need to take. Additionally, we track and close the incidents with appropriate corrective actions. Whenever applicable, we will identify, collect, acquire and provide you with necessary evidence the form of application and audit logs regarding incidents that apply to you. Furthermore, we implement controls to prevent recurrence of similar situations.; We respond to the security or privacy incidents you report to us through incidents@zohocorp.com, with high priority. For general incidents, we will notify users through our blogs, forums, and social media. For incidents specific to an individual user or an organisation, we will notify the concerned party through email (using the primary email address of the Organisation administrator registered with us). Service outages can be viewed at status.manageengine.uk or status.manageengine.com or status.manageengine.eu depending on your hosting location.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Users can log in to Patch Manager Plus through a two-step process. First, they are verified using their credentials. If that initial verification is successful, they may then need to provide additional authentication factors (MFA) depending on the administrator's configuration in ManageEngine Endpoint Central. Users can also log in via SSO support for Google, LinkedIn, GitHub, Apple, Yahoo, Microsoft or Slack.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: We employ technical access controls and internal policies to prohibit employees from arbitrarily accessing user data. We adhere to the principles of least privilege and role-based permissions to minimise the risk of data exposure.; Access to production environments is maintained by a central directory and authenticated using a combination of strong passwords, two-factor authentication, and passphrase-protected SSH keys. Furthermore, we facilitate such access through a separate network with stricter rules and hardened devices. Additionally, we log all the operations and audit them periodically.

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 09/08/2022
• What the ISO/IEC 27001 doesn’t cover: Zoho has earned ISO/IEC 27001:2013 certification for Applications, Systems, People, Technology, and Processes. ManageEngine is a division of Zoho. Anything else apart from the ones mentioned above is not covered by the ISO/IEC 27001 certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 01/03/2023
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: NA
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO/IEC 27701
  • ISO/IEC 27017
  • ISO/IEC 27018
  • SOC 2 Type II

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We have a dedicated Compliance team and they conduct internal risk assessments to confirm if the policies are followed. Zoho has an established governance framework that supports relevant aspects of information security with policies and standards. Roles and responsibilities for the governance of Information Security within Zoho are formally documented and communicated by the management. Zoho shall establish, implement, and maintain an information security program in accordance with the international standard ISO 27001 that includes technical and organisational security and physical measures as well as policies and procedures to protect customer data processed by Zoho against accidental loss, destruction or alteration, unauthorised disclosure or access, or unlawful destruction. Zoho maintains documented information security and data privacy policies and requirements and communicates them periodically to those employees responsible for the design, implementation, and maintenance of security and privacy controls. The policies are reviewed annually to keep them up-to-date. This policy gets verified during our third-party audits like ISO and SOC

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We have the Change Management procedures in place that include the following but are not limited to all the changes to the organisation, applications, systems, people, technology, and processes, information processing facilities that affect information security/privacy. For every change, the security impact is analysed. We maintain Audit logs as evidence of all the changes. Fall-back procedures, including procedures and responsibilities for aborting and recovering from unsuccessful changes and unforeseen events, are documented and communicated. Zoho shall notify the customer of any changes that may affect the customer in an adverse manner.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We have a dedicated vulnerability management process that actively scans for security threats using a combination of certified third-party scanning tools and in-house tools with automated and manual penetration testing efforts. Our security team actively reviews inbound security reports and monitors public mailing lists, blogs, and wikis to spot security incidents that might affect the company’s infrastructure. Once we identify a vulnerability requiring remediation, it is logged, prioritised according to the severity, and assigned to an owner. We further identify associated risks and track the vulnerability until it is closed by either patching the vulnerable systems or applying relevant controls.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We monitor and analyse information gathered from services, internal traffic in our network, and usage of devices and terminals. We record this information in the form of event logs, audit logs, fault logs, administrator logs, and operator logs. These logs are automatically monitored and analysed to a reasonable extent that helps us identify anomalies such as unusual activity in employees’ accounts or attempts to access customer data. We store these logs in a secure server isolated from full system access, to manage access control centrally and ensure availability.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have a dedicated incident management team. We track and close the incidents with appropriate corrective actions. We will identify, collect, acquire, and provide users with necessary evidence in the form of application and audit logs regarding incidents applicable.; We respond to the security or privacy incidents you report to us by mailing us to incidents@zohocorp.com with high priority. For general incidents, we will notify users through our blogs, forums, and social media. For incidents specific to an individual user or an organisation, we will notify the concerned party through the primary email of the Organisation administrator registered with us.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We've partnered with Equinix to host our UK data centres in London and Manchester. Equinix is also committed to sustainability and is compliant with the Climate Neutral Data Centre Pact, ISO 14001, LEED, etc. The energy supply for the Zoho UK’s workspace at Bletchley is derived from renewable sources, accounting for 21% of total power consumption. LED retrofits have been implemented to enhance energy efficiency throughout the building. Designed with a focus on energy efficiency, data centres that support Zoho UK are powered by renewable energy. Further, these data centres are progressing towards integrating with a solar grid to reduce environmental impacts. All purchased energy for the data centres is sourced from green energy providers. This enables us to minimise the carbon footprint associated with our operations. The United Kingdom has committed to achieving carbon neutrality by 2050. Supporting this pledge, we have taken steps to monitor greenhouse gas (GHG) emissions from our operations and implement measures to mitigate them. We account for Scope 2 and Scope 3 emissions and exclude Scope 1 emissions as our work does not involve fuel combustion within operational boundaries. We've switched completely to electric vehicles for movement within the campus.

  Covid-19 recovery

  During the COVD-19 pandemic, Zoho worked to minimise the impact of COVID on our customers, other business and our local community. At the start of the pandemic, Zoho created and distributed a Secure Remote Access Toolkit to help organisations quickly adapt to and work securely during the pandemic. This toolkit was made free for the first 100 days. To assist organisations impacted by the pandemic, Zoho offered free licences of flagship products, and offered discounts and waivers on licences on a case-by-case basis. While most of our employees worked from home, we kept the kitchen at our Chennai headquarters running with a skeletal staff to provide food to underprivileged people in the local area, many of whom were impacted due to a loss of employment during the lockdown. We converted one of our office buildings into a temporary COVID-19 ward to accommodate citizens who were required to quarantine. We ran vaccination camps to our employees, their dependents and the support staff who worked in Zoho.

  Tackling economic inequality

  Zoho has always aimed to tackle economic inequality and give back to the community. This is reflected in the following: Coined by our CEO, transnational localism is the philosophy that underpins our staffing and office location plans. Instead of focusing on crowded urban centres, we've been opening spoke offices in smaller towns and villages. The goal is to improve local infrastructure, boost the economy of these smaller towns and villages, and provide more employment opportunity. As part of our philosophy of transnational localism, we believe in hiring locally for each spoke office. This helps promote local talent and bring high-paying jobs back to the villages and towns where we are based.

  Equal opportunity

  As part of our efforts to tackle inequality, Zoho Corporation Limited have made efforts to provide equal opportunities and tackle workforce inequality. All roles at Zoho Corporation are open to all people irrespective of gender, sex, race, ability, or religion. We hire solely based on skill and have a diverse team. We eschew discrimination on any grounds, including age, colour, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, and other unique characteristics that define our associates. Instead, we espouse, fairness, striving to ensure that a merit-based approach allows wage parity among associates with comparable experiences and responsibilities, irrespective of their gender. Our campus has been designed to be accessible to all, including differently- abled colleagues. The layout design includes ramps and lifts in every building, allowing ease of mobility and access to all. Apart from the usual shuttle facilities, special cab service covering a certain distance is given for women during their third trimester.

  Wellbeing

  Zoho Corporation Limited adheres to industry standards in remuneration, ensuring that compensation is equitable across genders. Recognising the diverse needs of our people, we provide essential support such as parental leave, aligning with our efforts to build an organisation that values and cares for every individual. We have trained medical practitioners and a dedicated medical clinic available on all days of the week. Employees can freely avail their services. The Hazard Identification & Risk Assessment (HIRA) Framework is followed rigorously at the premises. We provide in-house counselling to our employees for free via our team of trained and qualified therapists. We organise free medical check-ups for our employees on an annual basis. We organise regular blood donation camps in association with various blood banks. We have open house sessions conducted by the CEO periodically where employees can raise any concerns. Day Care facilities provided for employees kids. The compliance monitoring framework involves ongoing reviews and enhancements of occupational health programmes, guided by feedback, data analysis, and emerging best practices.

Pricing

• Price: £276 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We offer an all-inclusive, free, 30-day trial for all users.; Once the trial period is over, the product with all of its features will be available for 25 endpoints (20 workstations, 5 servers, 1 technician) only.
• Link to free trial: https://www.manageengine.com/uk/patch-management/free-trial.html

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at zohouk-gcloud@eu.zohocorp.com. Tell them what format you need. It will help if you say what assistive technology you use.