>
    Strata Copilot
    Add a New Data Asset Policy Rule
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. Data Security Administration
    4. Manage Policy for Sanctioned SaaS Apps in Data Security
    5. Data Asset Policies
    6. Add a New Data Asset Policy Rule
    Download PDF
    SaaS Security

    Add a New Data Asset Policy Rule

    Table of Contents

    Add a New Data Asset Policy Rule

    Learn how to create a new data asset policy rule.
    Data Security enables you to add new policy rules for scanning assets (content) stored on your sanctioned SaaS applications. For example, you can create a policy rule that triggers an alert based on match criteria (for example, an asset's exposure is set to Public) needed to protect a specific asset. An exclamation point for your cloud app denotes no active rules.
    When you create a new data asset policy rule, you have the option to automatically remediate incidents that violate that policy rule. Automatic remediation is a powerful tool and can modify a large number of assets in a short amount of time: before you include these remediation actions in additional policy rules, perform a test using one policy rule and a small set of assets.
    1. Log in to Strata Cloud Manager.
    2. Select ConfigurationSaaS SecurityData SecurityPoliciesData Asset PoliciesAdd Policy.
      You have to complete three steps to create a data asset policy rule. They are:
      1. General Information
      2. Match Criteria
      3. Rule Actions
    3. General Information
      1. Enter a Policy Name and an optional Description.
      2. Select a Severity (building blocks in asset rules) for the policy rule.
      3. Verify that the Status is Enabled.
    4. Match Criteria: Configure the match criteria (for example: Activity, Asset, Data Pattern, Exposure, and others) that you require for your data asset policy rule and click Next.
      • If you configure your match criteria correctly, a green color border appears on those specific match criteria items.
      • If you configure your match criteria incorrectly or leave it incomplete and try to proceed with the next step, a red color border appears on those specific match criteria items along with a specific error message.
      • Click the reset button if you want to get back to the default setting for that specific match criteria.
      A sample screenshot is given below.
    5. Rule Actions
      1. Specify Auto Remediation Action and automatically remediate for change sharingwhen there are policy rule violations.
      2. Configure Other Actions for your policy rule:
    6. Save Policy to create your new data asset policy rule.
      Data Security starts scanning files against the data asset policy rule as soon as you save the changes. After the scan starts, you can start to assess new incidents and fine-tune your new policy rule.

    © 2026 Palo Alto Networks, Inc. All rights reserved.