Difference between revisions of "Policy Field Sets and Policies"
From SmartWiki
Nancy Sabo (talk | contribs) |
|||
| Line 1: | Line 1: | ||
| − | This gives you the ability to create data categories and assign them to custom fields across your instance. | + | This gives you the ability to create data categories and assign them to custom fields across your instance. |
| − | You can create security policies and attach them to data | + | You can then create security policies and attach them to your data categories in order to control the visibility of field data across the entire instance. |
| − | This makes it easy for you to apply data access policies at a global level, for example if you have data sensitivity classes that apply across entire field sets. | + | This makes it easy for you to apply data access policies at a global level, for example if you have data sensitivity classes that apply across entire field sets. |
| + | |||
| + | These policies apply at the lowest level of security such that no matter where data is accessed from whether it's the object itself, a list view, or a report the visibility of data will be controlled according to each fields categorization and policy and the end user's access level. | ||
| − | |||
==Configuring== | ==Configuring== | ||
| + | The process of configuring the Data Categories and Policies involves the following steps . . . | ||
| − | + | * Creating Data Categories | |
| − | * Creating Data Categories | ||
* Creating Data Policies | * Creating Data Policies | ||
* Linking Data Categories and Policies | * Linking Data Categories and Policies | ||
| − | * Adding Data Category to Custom Fields | + | * Adding Data Category to Custom Fields |
| − | === Creating Data Categories=== | + | ===Creating Data Categories=== |
| − | |||
* Go to [[Global Settings]] - Security tab. | * Go to [[Global Settings]] - Security tab. | ||
* Click on the Data Categories link. You will be brought to the Data Category Settings page. | * Click on the Data Categories link. You will be brought to the Data Category Settings page. | ||
| − | * Click on the "New Data Category" button. | + | * Click on the "New Data Category" button. |
* You will be brought to the New Data Category Settings page, which consists of the following settings: | * You will be brought to the New Data Category Settings page, which consists of the following settings: | ||
| − | **ID: unique ID automatically generated on Save | + | ** ID: unique ID automatically generated on Save |
| − | **Category Name: name used to identify the category | + | ** Category Name: name used to identify the category |
| − | **Description: description for the category | + | ** Description: description for the category |
| − | **Category Type: select either Security or Prediction | + | ** Category Type: select either Security or Prediction |
| − | **Data Mask | + | ** Data Mask |
[[Image:DataCategory1.png|1100px|border]] | [[Image:DataCategory1.png|1100px|border]] | ||
| − | * Populate the settings and click Save. | + | * Populate the settings and click Save. |
* The Data Category Settings page refreshes and exposes 2 additional tabs: | * The Data Category Settings page refreshes and exposes 2 additional tabs: | ||
** Linked Policies | ** Linked Policies | ||
| Line 38: | Line 38: | ||
[[Image:DataCategory2.png|1100px|border]] | [[Image:DataCategory2.png|1100px|border]] | ||
| − | NOTE: If you return to the Data Category Settings page then the category will be listed, with an Edit button to allow updates to be made. | + | NOTE: If you return to the Data Category Settings page then the category will be listed, with an Edit button to allow updates to be made. |
| − | |||
| + | ===Creating Data Policies=== | ||
* Go to [[Global Settings]] - Security tab. | * Go to [[Global Settings]] - Security tab. | ||
* Click on the Data Policies link. You will be brought to the Data Policy Settings page. | * Click on the Data Policies link. You will be brought to the Data Policy Settings page. | ||
| − | * Click on the "New Data Policy" button. | + | * Click on the "New Data Policy" button. |
* You will be brought to the New Data Policy Settings page, which consists of the following settings: | * You will be brought to the New Data Policy Settings page, which consists of the following settings: | ||
| − | **ID: unique ID automatically generated on Save | + | ** ID: unique ID automatically generated on Save |
| − | **Name: name used to identify the policy | + | ** Name: name used to identify the policy |
| − | **Description: description for the policy | + | ** Description: description for the policy |
| − | **Policy Type: select either Security or Prediction | + | ** Policy Type: select either Security or Prediction |
| − | **Include Roles: lookup to select the roles that the policy should apply for | + | ** Include Roles: lookup to select the roles that the policy should apply for |
| − | **Exclude Roles: lookup to select the roles that the policy should not apply for | + | ** Exclude Roles: lookup to select the roles that the policy should not apply for |
[[Image:DataPolicy1.png|1100px|border]] | [[Image:DataPolicy1.png|1100px|border]] | ||
| − | * Populate the settings and click Save. | + | |
| + | * Populate the settings and click Save. | ||
* The Data Policy Settings page refreshes and exposes the Action field, with the following 4 options: | * The Data Policy Settings page refreshes and exposes the Action field, with the following 4 options: | ||
| − | **Edit | + | ** Edit |
| − | **Read | + | ** Read |
| − | **Delete | + | ** Delete |
| − | **Forbidden | + | ** Forbidden |
[[Image:DataPolicy2.png|1100px|border]] | [[Image:DataPolicy2.png|1100px|border]] | ||
| Line 69: | Line 70: | ||
NOTE: If you return to the Data Policy Settings page then the category will be listed, with an Edit button to allow updates to be made. | NOTE: If you return to the Data Policy Settings page then the category will be listed, with an Edit button to allow updates to be made. | ||
| + | |||
===Linking Data Categories and Policies=== | ===Linking Data Categories and Policies=== | ||
| + | If you are editing a Data Category then you can link the current category with an existing Data Policy by going to the Linked Policies tab. | ||
| − | + | If you are editing a Data Policy then you can link the current policy with an existing Data Category by going to the Linked Data Categories tab. | |
| − | |||
| − | If you are editing a Data Policy then you can link the current policy with an existing Data Category by going to the Linked Data Categories tab. | ||
[[Image:DataLinks1.png|1100px|border]] | [[Image:DataLinks1.png|1100px|border]] | ||
| − | The functionality for both tabs is the same and is as follows: | + | The functionality for both tabs is the same and is as follows: |
* Start typing the name of the Data Policy or Data Category into the Ajax lookup field and selected from the returned results. | * Start typing the name of the Data Policy or Data Category into the Ajax lookup field and selected from the returned results. | ||
| − | * Click on the Add button. | + | * Click on the Add button. |
| − | * The policy/category will now be listed under the Linked tab. | + | * The policy/category will now be listed under the Linked tab. |
| − | |||
| − | |||
| + | ===Adding Data Category to Custom Fields=== | ||
Go to the Data Category tab, which is available against all Custom Fields settings pages, and start typing the name of the Data Category into the Ajax lookup field. Selected from the returned results. | Go to the Data Category tab, which is available against all Custom Fields settings pages, and start typing the name of the Data Category into the Ajax lookup field. Selected from the returned results. | ||
[[Image:DataCategory3.png|1100px|border]] | [[Image:DataCategory3.png|1100px|border]] | ||
| − | The policy/category will now be listed under the Data Category tab. | + | The policy/category will now be listed under the Data Category tab. |
The custom field will also appear under the Custom Fields tab for the associated Data Category . | The custom field will also appear under the Custom Fields tab for the associated Data Category . | ||
Revision as of 16:58, 24 September 2018
This gives you the ability to create data categories and assign them to custom fields across your instance.
You can then create security policies and attach them to your data categories in order to control the visibility of field data across the entire instance.
This makes it easy for you to apply data access policies at a global level, for example if you have data sensitivity classes that apply across entire field sets.
These policies apply at the lowest level of security such that no matter where data is accessed from whether it's the object itself, a list view, or a report the visibility of data will be controlled according to each fields categorization and policy and the end user's access level.
Contents
Configuring
The process of configuring the Data Categories and Policies involves the following steps . . .
- Creating Data Categories
- Creating Data Policies
- Linking Data Categories and Policies
- Adding Data Category to Custom Fields
Creating Data Categories
- Go to Global Settings - Security tab.
- Click on the Data Categories link. You will be brought to the Data Category Settings page.
- Click on the "New Data Category" button.
- You will be brought to the New Data Category Settings page, which consists of the following settings:
- ID: unique ID automatically generated on Save
- Category Name: name used to identify the category
- Description: description for the category
- Category Type: select either Security or Prediction
- Data Mask
- Populate the settings and click Save.
- The Data Category Settings page refreshes and exposes 2 additional tabs:
- Linked Policies
- Custom Fields
NOTE: If you return to the Data Category Settings page then the category will be listed, with an Edit button to allow updates to be made.
Creating Data Policies
- Go to Global Settings - Security tab.
- Click on the Data Policies link. You will be brought to the Data Policy Settings page.
- Click on the "New Data Policy" button.
- You will be brought to the New Data Policy Settings page, which consists of the following settings:
- ID: unique ID automatically generated on Save
- Name: name used to identify the policy
- Description: description for the policy
- Policy Type: select either Security or Prediction
- Include Roles: lookup to select the roles that the policy should apply for
- Exclude Roles: lookup to select the roles that the policy should not apply for
- Populate the settings and click Save.
- The Data Policy Settings page refreshes and exposes the Action field, with the following 4 options:
- Edit
- Read
- Delete
- Forbidden
The Linked Data Categories tab is also exposed
NOTE: If you return to the Data Policy Settings page then the category will be listed, with an Edit button to allow updates to be made.
Linking Data Categories and Policies
If you are editing a Data Category then you can link the current category with an existing Data Policy by going to the Linked Policies tab.
If you are editing a Data Policy then you can link the current policy with an existing Data Category by going to the Linked Data Categories tab.
The functionality for both tabs is the same and is as follows:
- Start typing the name of the Data Policy or Data Category into the Ajax lookup field and selected from the returned results.
- Click on the Add button.
- The policy/category will now be listed under the Linked tab.
Adding Data Category to Custom Fields
Go to the Data Category tab, which is available against all Custom Fields settings pages, and start typing the name of the Data Category into the Ajax lookup field. Selected from the returned results.
The policy/category will now be listed under the Data Category tab.
The custom field will also appear under the Custom Fields tab for the associated Data Category .
