Create an information protection policy
- In the management console, on the menu bar, clickPolicies > User Policy.
- Click theInformation Protectiontab.
- ClickAdd Policy.
- In theGeneral Informationsection, fill in the following:
- In thePolicy namefield, type in a name for your policy.
- In theDescriptionfield, type in a description for your policy.
- In thePolicy typedrop-down menu, select the type of policy you are creating. Possible values for policy type are regulatory or organizational.
- A regulatory policy type refers to the finite set of sensitive data defined by a regulation that does not necessarily change over time (for example, PCI, HIPAA, etc.).
- An organizational policy type refers to company proprietary data where the audience for who can access the data can be constantly changing. As a result, organizational data should be classified data elements (for example, the file type, keywords, the file creator, the file creator's role, etc.).
- In theConditionssection, configure the conditions that will trigger a policy violation by using one of the following:ConditionDescriptionAdd conditions using a template
Add conditions using the conditions builderThe conditions builder is comprised ofAndandOrstatement groups. You need to use a combination of these statement groups to determine when a policy will be triggered.
- ClickAdd From Template.
- Click the checkbox for the templates that you want to add to your policy.You can filter the list of templates using the search bar.
- In theAndconditions section, select the conditions from the drop-down list, then specify the minimum number of occurrences required to trigger the condition from the numeric drop-down menu.
- If you would like to add another item to your current statement group, clickAdd Item.
- If you would like to add another statement group, clickAdd Group.
- In theOrconditions section, select the conditions from the drop-down list, then specify the minimum number of occurrences required to trigger the condition from the numeric drop-down menu.
- If you would like to delete a statement group, clickDelete Group.
- In theAllowed Domainssection, click then select the browser domain you want to allow for you policy from the list.
- In theAllowed Email Domainssection, select which email recipients specified in the information protection settings should be allowed for your policy.
- In theActionssection, from the drop-down lists, select the action to take for Web browser, USB, and email exfiltration events.
- ClickAdd.If a user has policies assigned to them, and then has all of those policies removed, the user will be deleted fromCylanceAVERT.
Do any of the following:
- You can assign a policy to users and user groups. See View CylanceAVERT user details for more information.
- To delete an information protection policy, select the checkbox beside the policy in the list, then clickDelete.
- To edit an information protection policy, click on the policy in the list, make a change to the policy, then clickSave.