Access Policies

Access policies are a bundles of capabilities that you assign to users of groups or users. Capabilities define the read and write privileges of a user in the Proofpoint Information and Cloud Security Platform.

You can assign policies from the Proofpoint predefined access policies or create a custom policy.

  • Proofpoint Predefined Access Policies: Examples of predefined policies include Full Administration which assigns full access to all system capabilities and resources, Activity View which assigns view-only access to all monitored activity and List View which assigns only the ability to view lists. Proofpoint predefined access policies cannot be modified.

  • Custom Access Policies: You define the set of capabilities you want to you assign to specific users or groups. Custom access policies can be created and modified by a console user with sufficient privileges. For information about setting up and using custom access policies, see Custom Access Policies.

You can assign multiple policies to a user or group.

(See Assigning Access Policies.)

Access policies can also be assigned to Personas.

Inheriting Access Policies

Access policies can be assigned directly to a user or a group and you can assign more than one policy to a user or group

Users inherit access policies from a group if the user is a member of that group. For example, a user is assigned Console User View policy with the ability to view users and their policy assignments. That user is added to a group that has been assigned Activity Exploration policy with the ability to view and explore all monitored activity as part of the Information Protection Platform. The user still has Console User View policy capabilities and in addition, inherits Activity Exploration policy and all its capabilities.

By default, assignments are set to never expire.

If needed, you can set an expiration date for an access policy to indicate when it will no longer apply.

Access Policies View

You view and manage access policies from the Administration app in the Proofpoint Information and Cloud Security Platform, in the Access Policies view.

Select User ManagementAccess Policies and the list of Access Policies displays.

The list includes name and description of the access policy and when the access policy was created and modified. In the Created By column, you can see whether the access policy is a Proofpoint predefined access policy or a custom access policy.

Access Policy Details

By clicking on an access policy, you can see its details.

  • Details: 

    General details including name and description. From here, you can edit the details by clicking Edit.

    Template details (for custom access policies) show you the criteria.

  • Capabilities: Details about what the user can see and do, such as full access to read and write rules and read only access to policies.

  • Assignments: Details who the policy is assigned to, including users and groups. From here, you can edit the assignments by clicking Edit.