Policies : best practices

You will find in this article different tips to have in mind when working on policies in Tenacy

Summary :

Part 1 : How can I detach a public policy from one of my perimeters?

1. From "Policies"
2. From "Organization"

Part 2 : What are the best practices for modifying policies that have already been implemented?

1. Change your policy
2. How do I add a device to a control?
3. Add controls
4. Unlink your policy from your perimeters
5. Re-associate your perimeters with the policy to take advantage of the new modeling


Part 3 : How to see the differences between a derived policy and a public policy?

 

Part 1 : How can I detach a public policy from one of my perimeters?

1. From "Policies" :

From "Policies" > click on the number of perimeters > click on the cross to delet the perimeter :

2. From "Organization" :

"Organization" >  Click on the edit pencil image-png-Aug-03-2023-12-48-40-0796-PM of the perimeter to which you want to remove a policy > "Policies" tab > click on the delete cross 

 

Part 2 : What are the best practices for modifying policies that have already been implemented?

1) Change your policy :

 

Wheel ⚙️> Catalog > Policy tab > Click on your policy

 

2) How do I add a device to a control? 

 

Click on the number next to your control

Search for the measure and associate it with the measure

Define your coverage

💡 If you make a mistake or wish to unassociate you can hover your cursor over the measure and click on the unassociate button

3) Add controls

 

Move your cursor over the group > Add control

4) Unlink your policy from your perimeters.

 

Policy > policy tab > click on the number

Move cursor over perimeter(s)

5) Re-associate your perimeters with the policy to take advantage of the new modeling.  

 

Put your perimeters back :

 

Part 3 : How to see the differences between a derived policy and a public policy?

Consult its policy and see the differences

You will be able to consult the differences between your derivative policy and public policy in the public catalogue by going to your derivative policy.


Display your private policy > Click on > View differences 

In this "differences" display the parent policy serves as a reference.


Thus the elements that exist in the parent and that is not in your version are therefore considered to have been added image.png and all the elements that exist in your version but not in the parent policy are considered to have been deleted.image.png

 

 

  • When to a degree there are changes in content or coverage rates of different controls you will see a pencil followed by the number of changes:image.png
  • When in a control, measures are added or deleted you'll see their number as follows :image.png

    Then, you can compare text content if there are any, select the changes you want to apply to get closer to the parent policy, and then click Resolve Differences.