Manage authentication policies for your tenant
By default,
Cylance Endpoint Security
has three tenant authentication policies that are used to manage the types of authentication that administrators must complete to sign in to the Cylance console and users must complete to activate Cylance Endpoint Security apps or agents (for example, the CylancePROTECT Mobile
app or CylanceGATEWAY
). The tenant policies are applied when no app exception or authentication policy is assigned to the user for the console or the app that they are trying to access. The default policies and their authenticators are:
- Administration Console: This policy uses theCylanceconsole password as the default authenticator. For tenants created after March 2024, this policy uses theCylanceconsole password and One-Time Password as the default authenticators. It is used for authentication to theCylance Endpoint Securitymanagement console.
- CylanceGATEWAY: This policy uses the user’s enterprise password as the default authenticator. It is used when users activate theCylanceGATEWAYapp or desktop agent.
- CylancePROTECT Mobileapp: This policy uses the user’s enterprise password as the default authenticator. It is used when users activate theCylancePROTECTapp on mobile devices. It is not applied when the user activates the desktop agent.
You can edit the policies to add other types of authentication that users must complete in the order that you specify in the policy. For example, if you add One-Time Password after the Enterprise authenticator, users enter their work or credentials before they receive a one-time password prompt.
my
Account- On the menu bar, clickSettings > Authentication > Default Authentication.
- Click the policy that you want to edit.
- In theApp Authenticationsection, clickAdd Authenticator.
- In theAdd authenticatordialog box, in the drop-down list, select an authenticator. ClickAdd.Repeat this step to add more authenticators to the policy. Users must complete the types of authentication in the order that you specify. To change the order, clickSet Order, drag the authenticators to the order that you want and clickSet Orderagain.If you add One-Time Password as an authenticator, it must be set after the enterprise password.
- ClickSave.
If you add authenticators to a default policy, you can click Revert to Default Method on the policy list page to restore the default setting.