Preconfigured Access Policies

SecurID provides preconfigured access policies that you can use immediately without additional configuration. Any new identity sources you add to your Cloud Authentication Service deployment are automatically associated with the preconfigured policies. You can edit these policies directly or clone them and customize as needed. You cannot delete the preconfigured policies.

To access the preconfigured policies, sign in to the Cloud Administration Console and select Access > Policies.

Note: Depending on when your account was created in the Cloud Administration Console, you may or may not see these preconfigured policies.

For complete information on access policies, see Access Policies.

Assurance Levels for Preconfigured Access Policies

The following table describes the preconfigured access policies with their assurance levels.

Access Policy Name Assurance Level Description
All Users Low Assurance Level


Low

Requires additional authentication for all users at low, medium, and high assurance levels.

All Users Medium Assurance Level Medium
All Users High Assurance Level High
All Users Medium Assurance Level with Low Identity Confidence Medium

Requires additional authentication for all users at medium assurance level when identity confidence is low.

Deployment License Changes

If your deployment license is downgraded, some authentication methods will no longer be available to the preconfigured policies. In these cases, you must reconfigure the assurance levels in the preconfigured policies.

If your deployment license is upgraded, you can add new authentication methods to the assurance level configuration, making them available to the preconfigured policies.

Cloning and Editing a Preconfigured Access Policy

When you clone a preconfigured access policy, SecurID copies settings from the original policy to a new policy and names the new policy Clone of original_policy. You can edit the cloned policy to give it a different name and modify the settings. For instructions on cloning access policies, see Clone an Access Policy.

You can edit a preconfigured access policy without cloning. After editing, the policy no longer appears in the list of preconfigured policies but instead appears in the list of custom policies.

Note: If the original policy name is not appropriate after editing, make sure you rename the policy.

Cloned Access Policy Example

The following example displays the four preconfigured policies and a clone of the All Users Medium Assurance Level policy. The cloned policy appears at the bottom of the policy list.

securid_ngx_g_pcpcl1.png