Custom policies: introduction

  • Last update on September 26th, 2024

Enterprise / Professional solutions

Only Tenant Admins and Playbook Admins can create and edit custom policies. For more information, please refer to the Playbook roles section.

 

Custom policies are not available in the Essentials solution.

 

What is a custom policy?

A custom policy is a policy that you formulate from the ground up. Before you begin creating a custom policy, ensure you have a well-defined plan for its key elements:

  • Definition: determine the anomalies the policy will identify (e.g. users without MFA enabled).
  • Remediation: decide how the policy will resolve anomalies (e.g. sending a report to the user's manager).

Unlike out-of-the-box policies, where the remediation action is predefined, custom policies provide you with the flexibility to choose the type of remediation you want to apply (either “Workflow” or “Send report”). 

  • Schedule: establish whether the remediation should occur automatically or manually.

Once you have identified the elements above, you can start creating your custom policy. 

Where can I create a custom policy?

Regular custom policies can be created either from a report that supports the creation of custom policies or within the “Playbooks” section under “SETTINGS”. For more information, please refer to the Create a custom policy article.

Event-based custom policies can also be created from the “Audit” reports. For more information, please refer to the Create an event-based custom policy article.