Risk adaptive protection

Dynamically add protection for devices based on the current user risk level based on the Forcepoint Neo risk score.

Administrators can now enforce the risk adaptive protection and set the device permissions based on the user risk level. The risk adaptive protection will not replace the default access permissions and other customized rules, however it will add another layer of protection based on the user's risk score. The risk adaptive protection feature is supported for versions 22.06 and above.

To set the risk level for a specific user, click Edit, to open the editor to set the risk levels.

Risk adaptive protection: For administrators to be able to set the permissions for risk levels (Low, Medium, High, Critical), the Risk adaptive protection must be set to Enabled.

1
Risk level: Displays the current permissions for each of the risk levels (Low, Medium, High, Critical) and allows administrators to modify them.
2
User exceptions: Allows to add users or groups or UPNs as exceptions on which the set permissions shall not apply.

  • Users: The users who have an account on the Neo portal and are under active monitoring.
  • Groups: The active directory groups.
  • UPN: <collect the interpretation>
3
End-user notifications: Set to Yes if end-user risk levels are changed then they are notified of the change.

1
Choose notification type:

If Default notification for access permission is selected, then the user or group or UPN receives a notification with a default message text.

If Customize is selected, then the administrator can provide a custom message to be included in the notification mail.

2
Dismiss Notification: This is the duration for which the notification will appear on the end user's screen. It can be set to 5sec, 30sec, 60sec or Manual close.