Zapier allows you to automate workflows by interconnecting various apps and services to increase productivity; however, with this convenience comes the responsibility of configuring Zapier Security. While the settings are limited, this blog highlights the existing security functionality and how to configure it.
4 Important Considerations for Zapier Security
1. Configure Multi-Factor Authentication (MFA)
MFA is a cornerstone of account security, providing an additional layer of protection beyond just a password. By enabling MFA on your Zapier account, you ensure that even if someone gains access to your password, they still cannot access your account without the second authentication factor. Use app-based MFA instead of SMS to avoid vulnerabilities like SIM swapping. You can configure MFA in the Advanced settings page for Zapier.

2. Ensure SSL Checks Are Enabled
SSL (Secure Sockets Layer) encryption ensures that data transmitted between your web browser and Zapier is secure. By keeping SSL checks enabled, you protect your sensitive data from being intercepted by malicious actors. Always verify that SSL is active on all Zapier integrations, particularly those that handle confidential information. The setting applies globally to all integrations: checking it disables SSL Certificate Checks for every integration. By default, this setting is not enabled.

3. Review Authorized Applications Periodically
When you authorize a third-party app to access your Zapier account, it can access some or all of your Zapier data. The Authorized Applications page in Zapier lists all third-party apps connected to your account, showing you exactly what data each app can access. It’s essential to regularly review this list and revoke access for any apps that are no longer necessary. Remember, these authorized apps are tied to your user profile, not just a single account. This means if you belong to multiple Zapier accounts under the same profile, those apps will have access to data across all your accounts.

4. Review Audit Log Regularly
Audit logs in Zapier offer a comprehensive record of the activities performed within your account, including details of who accessed what and when. It is important to regularly review these logs to identify any unusual or unauthorized activity that may signal a security breach. Audit logs are exclusively accessible on team plans and not on personal ones.




