Skip Navigation

Manage authentication policies for your tenant

By default,
Cylance Endpoint Security
has three tenant authentication policies that are used to manage the types of authentication that administrators must complete to sign in to the Cylance console and users must complete to activate Cylance Endpoint Security apps or agents (for example, the
CylancePROTECT Mobile
app or
CylanceGATEWAY
). The tenant policies are applied when no app exception or authentication policy is assigned to the user for the console or the app that they are trying to access. The default policies and their authenticators are:
  • Administration Console: This policy uses the
    Cylance
    console password as the default authenticator. For tenants created after March 2024, this policy uses the
    Cylance
    console password and One-Time Password as the default authenticators. It is used for authentication to the
    Cylance Endpoint Security
    management console.
  • CylanceGATEWAY
    : This policy uses the user’s enterprise password as the default authenticator. It is used when users activate the
    CylanceGATEWAY
    app or desktop agent.
  • CylancePROTECT Mobile
    app: This policy uses the user’s enterprise password as the default authenticator. It is used when users activate the
    CylancePROTECT
     app on mobile devices. It is not applied when the user activates the desktop agent.
You can edit the policies to add other types of authentication that users must complete in the order that you specify in the policy. For example, if you add One-Time Password after the Enterprise authenticator, users enter their work or
my
Account
credentials before they receive a one-time password prompt.
  1. On the menu bar, click
    Settings > Authentication > Default Authentication
    .
  2. Click the policy that you want to edit.
  3. In the
    App Authentication
    section, click
    Add Authenticator
    .
  4. In the
    Add authenticator
    dialog box, in the drop-down list, select an authenticator. Click
    Add
    .
    Repeat this step to add more authenticators to the policy. Users must complete the types of authentication in the order that you specify. To change the order, click
    Set Order
    , drag the authenticators to the order that you want and click
    Set Order
    If you add One-Time Password as an authenticator, it must be set after the enterprise password.
    again.
  5. Click
    Save
    .
If you add authenticators to a default policy, you can click Revert to Default Method on the policy list page to restore the default setting.