Data Security Administration
  • Data Security Administration
  • SaaS Security Documentation
  • All Documentation
>
Fine-Tune Policy
Focus
Download PDF
Focus
  1. Home
  2. SaaS Security
  3. Fine-Tune Policy
Download PDF
SaaS Security

Fine-Tune Policy

Table of Contents

Fine-Tune Policy

Learn how to modify your policies on Data Security to suit your unique needs.
Where Can I Use This?What Do I Need?
  • NGFW (Managed by Strata Cloud Manager)
  • Prisma Access (Managed by Strata Cloud Manager)
  • Data Security license
Or any of the following licenses that include the Data Security license:
  • CASB-X
  • CASB-PA
Fine-tuning policy for a managed app in Data Security provides visibility into the data sharing and collaboration activities of your users. This allows you to flag non-compliant behavior so you can manage user activity, govern application usage, secure corporate data, and prevent data loss due to malicious or inadvertent user actions.
Data Security includes six predefined data policies that are automatically applied when Data Security scans the assets in the connected applications, but you can edit, delete, or disable rules to better suit your security needs.

Edit a Policy

Learn how to edit an existing policy on Data Security.
When you edit a policy, Data Security scans all content against the newly defined criteria to assess incidents.
  1. To edit a policy, select Data SecurityPolicies<Data Asset/User Activity/Security Control> policies.
  2. To edit your policy, do one of the following:
    • Click on the vertical dots menu under Table Actions against your policy and then click Edit.
    • Click on your Policy Name.
  3. Edit the following options as required:
    1. Edit the Policy Name.
    2. Update the Description.
    3. Set the Severity for the policy rule.
    4. Verify the policy rule is Enabled.
    5. For:
      • User Activity Policies: Under Items to Detect select Users or Assets (such as files or folders)
      • Security Control Policies: Under Security Control Criteria, edit the Sanctioned Applications drop-down, Risky Domains, and ADVANCED OPTIONS sections.
    6. Edit the Match Criteria for Data Asset Policies and User Activity rules.
    7. Select what Actions, if any, you want to select for Automatic Incident Remediation Options.
    8. Save your changes.

Delete a Policy

Learn how to delete policies on Data Security.
You can delete a policy on Data Security if you no longer need it, but as a best practice, don't delete a policy until you have reviewed any associated incidents.
  1. To delete a policy, select Data SecurityPolicies<Data Asset/User Activity/Security Control> policies.
  2. To delete your policy, click on the vertical dots menu under Table Actions against your policy and then click Delete. A confirmation message is displayed.
    Choose:
    • Delete all associated incidents to delete all incidents associated with the policy permanently.
    • Close all associated incidents to close all incidents associated with the policy. The closed incidents are not deleted but moved to the In the Cloud state.

Disable a Policy

Learn how to disable policies on Data Security.
You can disable a policy on Data Security if you no longer need it, but as a best practice, don't disable a policy until you have reviewed any associated incidents.
  1. To disable a policy, select Data SecurityPolicies<Data Asset/User Activity/Security Control> policies.
  2. To disable your policy, do one of the following:
    • Click on the vertical dots menu under Table Actions against your policy and then click Disable.
    • Click on your Policy Name. In the editing page, disable the Status.
    Data Security displays the disabled policy under the Disabled list.

Technical Documentation

Company

Legal Notices

© 2025 Palo Alto Networks, Inc. All rights reserved.