Before you get started with creating Security Policies, it is critical to understand the default Security Settings and how to optimize them.
To follow along in the UI, please login to your SpinOne instance and head to the Security Policies -> Settings section from the left panel.
The first settings you'll notice, is the Default policies for Applications and Chrome Extensions. These policies relate to the Risk Assessment section, and are the default rules on how these apps and extensions are classified. Let's break them down:
Default Policy for Apps
- Revoke access to applications in the Blocklist only (recommended) - With this setting enabled, Users in the organization will have access to all applications, besides applications that have been sent to the Blocklist category manually or through a security policy.
- Revoke access to applications in the Allowlist only - With this setting enabled, Users in the organization will only have access to applications that are sent to the Allowlist category manually or through a security policy.
Default Policy for Chrome Extensions
- Revoke access to extensions in the Blocklist only (recommended) - With this setting enabled, Users in the organization will have access to all extensions, besides extensions that have been sent to the Blocklist category manually or through a security policy.
- Revoke access to extensions in the Allowlist only - With this setting enabled, Users in the organization will only have access to extensions that are sent to the Allowlist category manually or through a security policy.
It is important to make sure that these settings are setup correctly before creating any Security Policies to classify apps in the Blocklist or Allowlist categories.
In this Settings section, you'll also be able to setup notifications in order to stay up to date on security actions. First, ensure that you have notifications on for applications and extensions, when they are blocked. The settings and their explanations are provided:
Lastly, ensure that you enable notifications and alerts for other security solutions, by connecting your Slack and entering your email in the Notification Settings section.
