Predefined Access Policies Descriptions

There are many predefined access policies that you can assign to users that define the read and write privileges of a user in the Proofpoint Information and Cloud Security Platform.

You view and manage access policies from the Administration app in the Proofpoint Information and Cloud Security Platform, in the Access Policies view. (See Access Policies.)

This topic contains descriptions of the most common access policies.

High Level Access Policies

  • Activity Exploration: Manage all activity monitored by Information and Cloud Security Platform

    • Unrestricted access to all activity and alert events gathered by the Proofpoint Security Systems

    • Management of saved Explorations, Dashboards and other facets of the Analytics application

    • Unrestricted workflow management, including adjusting event statuses, assignments, tags, comments as well as manual remediations for select event types

  • Cloud Activity View: View all cloud application activity monitored by Information and Cloud Security Platform

    • View only access to CASB Application

    • View only access to all CASB events in Analytics

  • Configuration Administration: Modify account configuration (identity providers, users, settings, etc), endpoint agent configurations, and policies

    • All administrative functions within the Administration application

    • View only access to endpoint agent log telemetry to monitor its health. It does not include access to monitored end user activity events.

  • Configuration View: View account configuration (identity providers, users and settings, etc), endpoint agent configurations and policies 

    • View only access to all configurations within the Administration application

  • Full Administration: Full access to all system capabilities and resources

    • Unrestricted access to both configuration and all activity and alert events gathered by the Proofpoint Security Systems

  • Full View: View all configuration and observed activity resources

    • Unrestricted view only access to both configuration and all activity and alert events gathered by the Proofpoint Security Systems

     

Granular Access Policies

  • Analytics Exploration Administration: Manage and modify saved explorations in the Analytics Application

    • Enables saving, management, tagging and archiving of explorations in the Analytics application

      This privilege does not have an impact on which activities an analyst can see - it only manages whether they can manage saved exploration (searches)

  • Analytics Exploration View: View only equivalent of Analytics Exploration Administration

  • Analytics Personal Exploration Administration: Manage and modify your own saved explorations in the Analytics Application

    • This privilege is similar to Analytics Exploration Administration, but limited to only your own saved explorations

  • Alert and Activity Management: Manage activity and alert workflows - adjustment to status, history, notes, tags on activity and alert events

    • When a user has partial Activity Exploration privileges, with a view only privilege to activities and alerts, this privilege enables the user to manage status, history, notes, tags and remediations

  • Console and API Exploration: Ability to view and manage Platform activities.

  • Activity View: View only ability to see all activities in the Analytics Application.

    • This is the view only equivalent of Activity Exploration

Related Topics:

Access Policies

Custom Access Policies

Assigning Access Policies