Create an information protection policy
- In the management console, on the menu bar, clickPolicies > User Policy.
- Click theInformation Protectiontab.
- ClickAdd Policy.
- In theGeneral Informationsection, fill in the following:
- In thePolicy namefield, type in a name for your policy.
- In theDescriptionfield, type in a description for your policy.
- In thePolicy typedrop-down menu, select the type of policy you are creating. Possible values for policy type are regulatory or organizational.
- A regulatory policy type refers to the finite set of sensitive data defined by a regulation that does not necessarily change over time (for example, PCI, HIPAA, etc.).
- An organizational policy type refers to company proprietary data where the audience for who can access the data can be constantly changing. As a result, organizational data should be classified data elements (for example, the file type, keywords, the file creator, the file creator's role, etc.).
- In theConditionssection, configure the conditions that will trigger a policy violation by using one of the following:ConditionDescriptionAdd conditions using a template
- ClickAdd From Template.
- Click the checkbox for the templates that you want to add to your policy.You can filter the list of templates using the search bar.
Add conditions using the conditions builderThe conditions builder is comprised ofAndandOrstatement groups. You need to use a combination of these statement groups to determine when a policy will be triggered.- In theAndconditions section, select the conditions from the drop-down list, then specify the minimum number of occurrences required to trigger the condition from the numeric drop-down menu.
- If you would like to add another item to your current statement group, clickAdd Item.
- If you would like to add another statement group, clickAdd Group.
- In theOrconditions section, select the conditions from the drop-down list, then specify the minimum number of occurrences required to trigger the condition from the numeric drop-down menu.
- If you would like to delete a statement group, clickDelete Group.
- In theAllowed Domainssection, click
then select the browser domain you want to allow for you policy from the list.
- In theAllowed Email Domainssection, select which email recipients specified in the information protection settings should be allowed for your policy.
- In theActionssection, from the drop-down lists, select the action to take for Web browser, USB, and email exfiltration events.
- ClickAdd.If a user has policies assigned to them, and then has all of those policies removed, the user will be deleted fromCylanceAVERT.
Do any of the following:
- You can assign a policy to users and user groups. See View CylanceAVERT user details for more information.
- To delete an information protection policy, select the checkbox beside the policy in the list, then clickDelete.
- To edit an information protection policy, click on the policy in the list, make a change to the policy, then clickSave.