Creating Policy
Policy rules are used to match the context of a user's access to either a secure, allow, or deny action. Each rule operates in a similar manner to other common security appliances, e.g. NGFW (next-generation firewall), with match criteria and top down rule matching.
Policy match criteria are as follows: User Group/OU, Access Method (SSO Auth/ActiveSync), Device Type (OS & User-Agent, Managed vs. Unmanaged), and Location. If the traffic is secured, Forcepoint ONE SSE can inspect uploaded/downloaded data for matches to DLP pattern objects sensitive content can be identified and protected.
Policies are very subjective and unique to each company’s setup and needs. Therefore there is no default rule of thumb, however it is recommended to not make initial rules too strict. Instead, Forcepoint ONE SSE recommends to create all of the objects and policies based upon your end users needs and set the action to “Allow” instead of mask/block/encrypt. After users have been fully migrated, you can monitor how the policies are being hit and choose to further restrict traffic if needed.