Custom Risk Intelligence Policies
Each aspect of Risk Intelligence, from the scans to run to their schedule, is controlled through Risk Intelligence policies.
Default policies are available for Laptops, Desktops and Servers with the ability to manage your own custom policies (as well as edit the defaults). When creating a new policy, the policy settings and scan configurations are automatically populated from the selected Base Policy On policy.
When in the policy dialog, click Customize Scans to go to the Custom Scans section.
For a list of all of the policies currently in use across your policy supporting features, please refer to the Feature Policy Report.
Create a Custom Policy
- Log into the Dashboard
- Go to Settings > Risk Intelligence > Policy
- Click New to create a custom policy
- Enter the Policy Name for identification
- Select an existing policy to act as a template from the Base Policy On drop-down - or leave blank to set all scans as Do not Run (disabled)
- Choose the Policy Type: All, Server, Desktop or Laptop
- This opens the Policy dialog containing the following sections:
- To enable a scan, change its Select Frequency Method setting to Once per Day, Once per Month or Manual and configure the scan (where required). Change this setting to Do Not Run to disable a scan.
- Save once complete to apply
|
Section |
Description |
|---|---|
|
General |
Contains the Policy type and editable Policy name You can also set the account wide Currency Symbol and Security Liability Amount as well as any Global Policy File Exclusions |
|
Security Scan |
Retrieves vulnerability information from the device to expose the Operating System and installed application security risks. |
|
PCI Scan |
Search for risks with internal PCI compliance violations |
|
Data Breach Risk Scan (Country) |
Runs a security scan searching for Credit Card Numbers, dates of birth, government issued identification, and financial account numbers. As there is not a global standard for the format of information considered PII (government issued identification), we have included country specific versions of the Data Breach Risk Scan designed to retrieve localised PII in that country's format. These are designated using the following country codes: AUS, BEL, BRA, CAN, DEU, ESP, FRA, GBR, IRL, ITA, NLD, NOR, NZL, SWE, USA, ZAF, NZL |
|
Expanded Data Breach Risk Scan |
Runs a security scan searching for Credit Card Numbers, dates of birth, government issued identification, and financial account numbers. Perform a Technical Safeguards Check, this queries the device's configuration and highlights settings that do not meet common baseline configurations. |
|
Custom Scans |
This section contains the Custom Scans created using the Scan Configuration settings available from the Risk Intelligence portal, accessible from Customize Scans button. If already in the Risk Intelligence portal go to View and Manage > Scan Configurations. To manually synchronize the Dashboard's custom policy list with Risk Intelligence, click the Reload Customized Scans button. For information on creating or modifying a Custom Scan please refer to the Custom Scans section. |
Risk Intelligence scans run based on the local time of the computer the Agent is installed on.
As these intensive scans may take some time to complete, we have included a mechanism which prevents the scheduling of a scan within two hours of another scan starting. If two scans are scheduled to take place within this two-hour period, a notification is displayed when saving the policy. In those circumstances where a scan is still running when a new scan is scheduled to start, the currently running scan is stopped.
|
Scan Frequencies and Options |
|||
|---|---|---|---|
|
Frequency |
Scheduling Options / Notes |
||
|
Do Not Run |
Disables scan |
||
|
Once per Day* |
Run on Days |
Select Time |
Run if Missed |
|
Once per Month |
Day of Month on which to Run |
At Time |
Run if missed |
|
Manual |
Scan only runs when manually initiated from the Dashboard |
||
|
* To run the scan weekly, simply choose the required day. |
|||
Edit a Custom Policy
Please note that the default policies settings are editable.
- Log into the Dashboard
- Go to Settings > Risk Intelligence > Policy
- Select the target policy
- Click Edit
- Change the editable settings
- Save once complete to apply
Delete a Custom Policy
Default policies are locked for deletion. You cannot delete a Risk Intelligence policy when it is currently in use on a computer or it is set as the default for a Client or Site, even when there are no devices registered against the Client or Site
- Log into the Dashboard
- Go to Settings > Risk Intelligence > Policy
- Select the target policy
- Click Delete
- Confirm removal
Settings Menu and New Policy Dialog
Policy Dialog
