Difference between revisions of "Policy Field Sets and Policies"
(→Adding Policy Field Set to Custom Fields) |
|||
(23 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
− | This gives you the ability to create | + | This gives you the ability to create policy field sets and assign them to custom fields across your instance. |
− | You can create security policies and attach them to | + | You can then create security policies and attach them to your policy field sets in order to control the visibility of field data across the entire instance. |
− | This makes it easy for you to apply data access policies at a global level, for example if you have data sensitivity classes that apply across entire field sets. | + | This makes it easy for you to apply data access policies at a global level, for example if you have data sensitivity classes that apply across entire field sets. |
− | These policies apply at the lowest level of security such that no matter where data is accessed from whether it's the object itself, a list view, or a report the visibility of data will be controlled according to each | + | These policies apply at the lowest level of security, such that no matter where data is accessed from--whether it's the object itself, a list view, or a report--the visibility of data will be controlled according to each field's categorization and policy and the end user's access level. |
− | |||
− | The process of configuring the | + | ==Configuration - Essentials== |
− | * Creating | + | The process of configuring the Policy Field Sets and Policies involves the following steps . . . |
+ | |||
+ | * Creating Policy Field Sets | ||
* Creating Data Policies | * Creating Data Policies | ||
− | * Linking | + | * Linking Policy Field Sets and Policies |
− | * Adding | + | * Adding Policy Field Set to Custom Fields |
− | === Creating | + | ===Creating Policy Field Sets=== |
− | |||
* Go to [[Global Settings]] - Security tab. | * Go to [[Global Settings]] - Security tab. | ||
− | * Click on the | + | * Click on the Policy Field Sets link. You will be brought to the Policy Field Set Settings page. |
− | * Click on the "New | + | * Click on the "New Policy Field Set" button. |
− | * You will be brought to the New | + | * You will be brought to the New Policy Field Set Settings page, which consists of the following settings: |
− | **ID: unique ID automatically generated on Save | + | ** ID: unique ID automatically generated on Save |
− | ** | + | ** Name: name used to identify the policy field set |
− | **Description: description for the | + | ** Description: description for the field set |
− | ** | + | ** Type: select either Security or Data Retention |
− | **Data Mask | + | ** Data Mask |
− | [[Image: | + | [[Image:PolicyFieldSet001.PNG|1100px|border]] |
− | * Populate the settings and click Save. | + | * Populate the settings and click Save. |
− | * The | + | * The Policy Field Set Settings page refreshes and exposes 3 additional tabs: |
+ | ** Standard Fields | ||
+ | ** Custom Fields | ||
** Linked Policies | ** Linked Policies | ||
− | |||
− | [[Image: | + | [[Image:PolicyFieldSet002.PNG|1100px|border]] |
− | NOTE: If you return to the | + | NOTE: If you return to the Policy Field Set Settings page then the field set will be listed, with an Edit button to allow updates to be made. |
− | |||
+ | ===Creating Data Policies=== | ||
* Go to [[Global Settings]] - Security tab. | * Go to [[Global Settings]] - Security tab. | ||
* Click on the Data Policies link. You will be brought to the Data Policy Settings page. | * Click on the Data Policies link. You will be brought to the Data Policy Settings page. | ||
− | * Click on the "New Data Policy" button. | + | * Click on the "New Data Policy" button. |
* You will be brought to the New Data Policy Settings page, which consists of the following settings: | * You will be brought to the New Data Policy Settings page, which consists of the following settings: | ||
− | **ID: unique ID automatically generated on Save | + | ** ID: unique ID automatically generated on Save |
− | **Name: name used to identify the policy | + | ** Name: name used to identify the policy |
− | **Description: description for the policy | + | ** Description: description for the policy |
− | **Policy Type: select either Security | + | ** Policy Type: select either Security or Data Retention |
− | ** | + | *** Additional settings will be exposed upon selecting a policy type |
− | ** | + | ** Include Roles: lookup to select the roles that the policy should apply for |
+ | |||
+ | [[Image:DataPolicy001.PNG|1100px|border]] | ||
+ | |||
− | |||
+ | * Populate the settings and click Save. | ||
+ | * The Policy Field Set Settings page refreshes and the Linked Policy Field Sets tab is also exposed | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | ====Security Data Policies==== | |
+ | * Selecting the security policy type exposes the Action field, with the following options: | ||
+ | ** Edit | ||
+ | ** Edit (by Owner Only) | ||
+ | ** Read | ||
+ | ** Delete | ||
+ | ** Forbidden | ||
+ | ** View Encrypted Data | ||
+ | ** Hide Data In Emulation Mode | ||
− | + | [[Image:SecurityDataPolicy001.PNG|1100px|border]] | |
NOTE: If you return to the Data Policy Settings page then the category will be listed, with an Edit button to allow updates to be made. | NOTE: If you return to the Data Policy Settings page then the category will be listed, with an Edit button to allow updates to be made. | ||
− | |||
− | + | ====Data Retention Data Policies==== | |
+ | * Selecting the data retention policy type exposes the following options: | ||
+ | ** Action | ||
+ | ** Entity | ||
+ | ** Trigger After | ||
+ | ** Date Field to Compare | ||
− | + | [[Image:DataRetentionPolicy001.PNG|1100px|border]] | |
− | [[Image: | ||
− | + | ===Linking Policy Field Sets and Policies=== | |
+ | If you are editing a Policy Field Set then you can link the current category with an existing Data Policy by going to the Linked Policies tab. | ||
− | + | If you are editing a Data Policy then you can link the current policy with an existing Policy Field Set by going to the Linked Policy Field Sets tab. | |
− | + | [[Image:LinkedPolicies001.PNG|1100px|border]] | |
− | |||
+ | The functionality for both tabs is the same and is as follows: | ||
− | + | * Start typing the name of the Data Policy or Policy Field Set into the Ajax lookup field and selected from the returned results. | |
+ | * Click on the Add button. | ||
+ | * The policy/field set will now be listed under the Linked tab. | ||
− | Go to the | + | ===Adding Policy Field Set to Custom Fields=== |
+ | Go to the Policy Field Set tab, which is available against all Custom Fields settings pages (and specific Standard Fields for Users), and start typing the name of the Policy Field Set into the Ajax lookup field. Selected from the returned results. | ||
− | [[Image: | + | [[Image:CustomFieldPolicy001.PNG|1100px|border]] |
− | The policy/category will now be listed under the | + | The policy/category will now be listed under the Policy Field Set tab. |
− | + | The custom field will also appear under the Custom Fields tab for the associated Policy Field Set . | |
+ | <span id="bs_comment:@@@CMT0@@@" class="mceNonEditable comment" data-bs-type="comment" data-bs-id="0"> abac ABAC Abac </span> | ||
[[Category:System Management]][[Category:Custom Fields]][[Category:Security]] | [[Category:System Management]][[Category:Custom Fields]][[Category:Security]] |
Latest revision as of 09:35, 25 May 2023
This gives you the ability to create policy field sets and assign them to custom fields across your instance.
You can then create security policies and attach them to your policy field sets in order to control the visibility of field data across the entire instance.
This makes it easy for you to apply data access policies at a global level, for example if you have data sensitivity classes that apply across entire field sets.
These policies apply at the lowest level of security, such that no matter where data is accessed from--whether it's the object itself, a list view, or a report--the visibility of data will be controlled according to each field's categorization and policy and the end user's access level.
Contents
Configuration - Essentials
The process of configuring the Policy Field Sets and Policies involves the following steps . . .
- Creating Policy Field Sets
- Creating Data Policies
- Linking Policy Field Sets and Policies
- Adding Policy Field Set to Custom Fields
Creating Policy Field Sets
- Go to Global Settings - Security tab.
- Click on the Policy Field Sets link. You will be brought to the Policy Field Set Settings page.
- Click on the "New Policy Field Set" button.
- You will be brought to the New Policy Field Set Settings page, which consists of the following settings:
- ID: unique ID automatically generated on Save
- Name: name used to identify the policy field set
- Description: description for the field set
- Type: select either Security or Data Retention
- Data Mask
- Populate the settings and click Save.
- The Policy Field Set Settings page refreshes and exposes 3 additional tabs:
- Standard Fields
- Custom Fields
- Linked Policies
NOTE: If you return to the Policy Field Set Settings page then the field set will be listed, with an Edit button to allow updates to be made.
Creating Data Policies
- Go to Global Settings - Security tab.
- Click on the Data Policies link. You will be brought to the Data Policy Settings page.
- Click on the "New Data Policy" button.
- You will be brought to the New Data Policy Settings page, which consists of the following settings:
- ID: unique ID automatically generated on Save
- Name: name used to identify the policy
- Description: description for the policy
- Policy Type: select either Security or Data Retention
- Additional settings will be exposed upon selecting a policy type
- Include Roles: lookup to select the roles that the policy should apply for
- Populate the settings and click Save.
- The Policy Field Set Settings page refreshes and the Linked Policy Field Sets tab is also exposed
Security Data Policies
- Selecting the security policy type exposes the Action field, with the following options:
- Edit
- Edit (by Owner Only)
- Read
- Delete
- Forbidden
- View Encrypted Data
- Hide Data In Emulation Mode
NOTE: If you return to the Data Policy Settings page then the category will be listed, with an Edit button to allow updates to be made.
Data Retention Data Policies
- Selecting the data retention policy type exposes the following options:
- Action
- Entity
- Trigger After
- Date Field to Compare
Linking Policy Field Sets and Policies
If you are editing a Policy Field Set then you can link the current category with an existing Data Policy by going to the Linked Policies tab.
If you are editing a Data Policy then you can link the current policy with an existing Policy Field Set by going to the Linked Policy Field Sets tab.
The functionality for both tabs is the same and is as follows:
- Start typing the name of the Data Policy or Policy Field Set into the Ajax lookup field and selected from the returned results.
- Click on the Add button.
- The policy/field set will now be listed under the Linked tab.
Adding Policy Field Set to Custom Fields
Go to the Policy Field Set tab, which is available against all Custom Fields settings pages (and specific Standard Fields for Users), and start typing the name of the Policy Field Set into the Ajax lookup field. Selected from the returned results.
The policy/category will now be listed under the Policy Field Set tab.
The custom field will also appear under the Custom Fields tab for the associated Policy Field Set .
abac ABAC Abac