Predefined Access Policies Descriptions

There are many predefined access policies that you can assign to users that define the read and write privileges of a user in the Proofpoint Data Security & Posture.

You view and manage access policies from the Administration app in Proofpoint Data Security & Posture, in the Access Policies view. (See Access Policies.)

This topic contains descriptions of the most common access policies.

High Level Access Policies

  • Activity Exploration: Manage all activity monitored by Proofpoint Data Security & Posture.

    • Unrestricted access to all activity and alert events gathered by the Proofpoint Security Systems

    • Management of saved Explorations, Dashboards and other facets of the Data Security Workbench application

    • Unrestricted workflow management, including adjusting event statuses, assignments, tags, comments as well as manual remediations for select event types

  • Cloud Activity View: View all cloud application activity monitored by Proofpoint Data Security & Posture.

    • View only access to CASB Application

    • View only access to all CASB events in Data Security Workbench

  • Configuration Administration: Modify account configuration (identity providers, users, settings, etc), endpoint agent configurations, and policies

    • All administrative functions within the Administration application

    • View only access to endpoint agent log telemetry to monitor its health. It does not include access to monitored end user activity events.

  • Configuration View: View account configuration (identity providers, users and settings, etc), endpoint agent configurations and policies 

    • View only access to all configurations within the Administration application

  • Full Administration: Full access to all system capabilities and resources

    • Unrestricted access to both configuration and all activity and alert events gathered by the Proofpoint Security Systems

  • Full View: View all configuration and observed activity resources

    • Unrestricted view only access to both configuration and all activity and alert events gathered by the Proofpoint Security Systems

     

Granular Access Policies

  • Analytics Exploration Administration: Manage and modify saved explorations in the Data Security Workbench application

    • Enables saving, management, tagging and archiving of explorations in the Data Security Workbench application

      This privilege does not have an impact on which activities an analyst can see - it only manages whether they can manage saved exploration (searches)

  • Analytics Exploration View: View only equivalent of Data Security WorkbenchExploration Administration

  • Analytics Personal Exploration Administration: Manage and modify your own saved explorations in the Data Security Workbench application

    • This privilege is similar to Analytics Exploration Administration, but limited to only your own saved explorations

  • Alert and Activity Management: Manage activity and alert workflows - adjustment to status, history, notes, tags on activity and alert events

    • When a user has partial Activity Exploration privileges, with a view only privilege to activities and alerts, this privilege enables the user to manage status, history, notes, tags and remediations

  • Console and API Exploration: Ability to view and manage Platform activities.

  • Activity View: View only ability to see all activities in the Data Security Workbench application.

    • This is the view only equivalent of Activity Exploration

Related Topics:

Access Policies

Custom Access Policies

Assigning Access Policies

Metadata Redacted View Restriction Access Policies (Anonymization)