Available on SpinDLP & SpinOne subscriptions.
Activity Policy is a pivotal feature within our product, dedicated to empowering users to identify and manage various activities within their environment. It enables customers to monitor data downloads, transfers, unsuccessful logins, and suspicious travel patterns, among other scenarios, through predefined criteria. This policy provides actionable responses, including alerts/notifications to keep users informed, user suspension in cases of potential threats, and the option to enforce password changes for enhanced security.
Let's take a deep dive into the structure of the Activity Policy.
GENERAL
In the General section, you can fill in basic policy information such as the policy name, category, severity and a brief description of its intended purpose. This will help you to classify incidents and separate different policies from each other.
ACT ON
In the Act On section, you will specify the thresholds for after how many events the policy should trigger.
CONDITION
In the Condition section you will specify events that will trigger the policy. For the Activity Policy type specifically, you can choose from many events such as downloads, transfers, suspicious IPs and much more.
You can combine multiple separate conditions together. Once you combine conditions, it will turn into an AND policy, and the policy will only be triggered when all separate conditions have been met.
When you enter different values for the same condition, that condition will be met when one of those events is detected. See the below image for more clarification.
ACTION
In the Action section you will specify the actions that will be taken when this policy has been triggered. For the Activity Policy type specifically, you can choose from many actions such as requesting the user to change their password, suspending the user and much more.
Every action placed in the Action section will be performed if the conditions of the policy have been met.
SCOPE & EXCEPTION
Lastly, you can specify who the policy should apply to in the Scope & Exception section. You can have the policy apply to everyone, or to specific Groups and users. This will give you flexibility in creating different policies for different teams within your company.
Now you can create Activity policies! Remember, that you can create as many policies as you'd like with different conditions, actions and scope & exceptions.
If you have any questions or would like to learn more, please reach out to us at support@spin.ai.