Configuring Policies
Learn how to configure policies to match your organization's security requirements.
Accessing Policy Configuration
- Navigate to Policies in the sidebar
- Browse policies by category or search
- Click a policy to configure it
Policy Settings
Basic Settings
Enable/Disable
Toggle the policy on or off:
- Enabled - Policy actively monitors and enforces
- Disabled - Policy doesn't run
Policy Name
- Pre-built policies have fixed names
- Custom policies can be named descriptively
Description
- Document what the policy does
- Note any organization-specific context
Trigger Behavior
Configure what happens when the policy matches:
| Behavior | User Experience | Alert Created |
|---|---|---|
| Block | Action prevented, warning shown | Yes |
| Warn | Warning shown, user can proceed | Yes |
| Log | No user notification | Yes |
Tip: Start with Warn for new policies to observe patterns before enforcing blocks.
Sensitivity
Adjust how aggressively the policy matches:
| Level | Description | False Positive Rate |
|---|---|---|
| Low | Only high-confidence matches | Lower |
| Medium | Balanced detection | Moderate |
| High | Catch more potential matches | Higher |
Detection Configuration
Pattern Settings
For pattern-based policies:
Pattern: \b\d{3}-\d{2}-\d{4}\b
Options: Case insensitive
Context: Surrounding 50 characters
Keyword Lists
For keyword-based policies:
- Click Edit Keywords
- Add words/phrases (one per line)
- Configure matching:
  - Exact match - Word boundaries
  - Contains - Anywhere in text
  - Regex - Pattern matching
- Save changes
Allowlist
Exclude legitimate matches:
- Click Manage Allowlist
- Add patterns to allow:
  - Specific values (e.g., test SSN 123-45-6789)
  - Patterns (e.g., test-*)
  - Users (e.g., security-team@company.com)
- Add justification for audit trail
- Save
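The following sketch shows how the Pattern, Context and Allowlist settings above interact on sample content, which helps when checking for false positives before a policy is enforced. It is an added example, not the product's detection engine: the `evaluate` and `enclosing_token` functions, the allowlist structure, the 50-characters-per-side context and the rule that glob patterns apply to the whitespace-delimited token around a match are all assumptions, and the sample strings are constructed.

```python
import re
from fnmatch import fnmatchcase

# Values taken from the Pattern Settings and Allowlist examples on this page.
PATTERN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b", re.IGNORECASE)
CONTEXT_CHARS = 50  # assumption: 50 characters on each side of the match
ALLOWLIST = {       # hypothetical structure, one key per allowlist entry kind
    "values": {"123-45-6789"},
    "patterns": ["test-*"],
    "users": {"security-team@company.com"},
}

def enclosing_token(text, start, end):
    """Expand a match to the whitespace-delimited token that contains it."""
    while start > 0 and not text[start - 1].isspace():
        start -= 1
    while end < len(text) and not text[end].isspace():
        end += 1
    return text[start:end]

def evaluate(text, user, allowlist=ALLOWLIST):
    """Return (findings, suppressed) for one piece of content from one user."""
    findings, suppressed = [], []
    for m in PATTERN.finditer(text):
        token = enclosing_token(text, m.start(), m.end())
        if user in allowlist["users"]:
            reason = "user"
        elif m.group() in allowlist["values"]:
            reason = "value"
        elif any(fnmatchcase(token, p) for p in allowlist["patterns"]):
            reason = "pattern"
        else:
            reason = None
        lo = max(0, m.start() - CONTEXT_CHARS)
        hit = {"match": m.group(), "allowlisted_by": reason,
               "context": text[lo:m.end() + CONTEXT_CHARS]}
        (suppressed if reason else findings).append(hit)
    return findings, suppressed

# Constructed sample content (not real data).
SAMPLES = [
    ("alice@company.com", "Customer SSN is 078-05-1120, please update the record."),
    ("alice@company.com", "Use test SSN 123-45-6789 in staging."),
    ("alice@company.com", "Fixture id test-219-09-9999 loaded."),
    ("alice@company.com", "Part no. AB-345-67-8901 shipped."),   # false positive
    ("alice@company.com", "Ticket 1234-56-7890 closed."),        # no match
]

if __name__ == "__main__":
    for user, text in SAMPLES:
        print(text, "->", evaluate(text, user))
```

The part number in the fourth sample is reported because `\b` treats the hyphen before `345` as a word boundary. An allowlist pattern suppresses every match inside a token it covers, so the suppressed list deserves the same review as the findings.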
Scope Configuration
Platform Scope
Choose where the policy applies:
- All AI Platforms - Universal enforcement
- Specific Platforms:
  - ChatGPT
  - Claude
  - Google Gemini
  - Microsoft Copilot
  - Custom platforms
User Scope
Define who the policy affects:
| Scope | Description |
|---|---|
| All Users | Everyone in organization |
| Specific Teams | Selected teams only |
| Specific Users | Individual users |
| Exclude Users | Everyone except listed |
Site Overrides
Override policy behavior on specific sites:
- See Site Controls for details
Creating Custom Policies
Professional
New Policy Wizard
- Click Create Policy
- Select a template:
  - Keyword Match - Match specific words
  - Pattern Match - Regex-based detection
  - Data Type - Structured data formats
  - Blank - Build from scratch
- Configure the policy:
Step 1: Basic Info
- Name your policy
- Select category
- Add description
Step 2: Detection Rules
- Define what to match
- Set sensitivity
- Configure context window
Step 3: Behavior
- Choose trigger action
- Set notification preferences
- Configure escalation
Step 4: Scope
- Select platforms
- Choose users/teams
- Set exceptions
Example: Custom Policy
Scenario: Block sharing of project codename "Phoenix"
Name: Project Phoenix Protection
Category: Intellectual Property
Detection:
  Type: Keyword
  Terms: ["Project Phoenix", "Phoenix initiative", "Operation Phoenix"]
  Match: Case insensitive
Behavior:
  Action: Block
  Message: "This content may contain confidential project information."
Scope:
  Platforms: All
  Users: All except security-team
Policy Testing
Test Mode
Test policies without affecting users:
- Enable Test Mode on the policy
- Policy runs but doesn't enforce
- View would-be alerts in dashboard
- Tune as needed
- Disable test mode to enforce
Test Content
Use the policy tester:
- Click Test Policy
- Enter sample content
- See if policy would trigger
- View match details
Policy History
Track changes to policies:
- Open policy settings
- Click History tab
- See all changes with:
  - Who made the change
  - What was changed
  - When it changed
- Compare versions
- Revert if needed
Bulk Operations
Import/Export
Export policies for backup or transfer:
- Select policies (or all)
- Click Export > JSON
- Download configuration file
Import policies:
- Click Import
- Upload JSON file
- Review changes
- Confirm import
Bulk Enable/Disable
- Select multiple policies
- Click Bulk Actions
- Choose Enable or Disable
- Confirm action
Best Practices
Policy Naming
- Use clear, descriptive names
- Include what's detected
- Note the category
Documentation
- Document why each policy exists
- Note business requirements
- Track who requested it
Testing
- Always test before enabling Block mode
- Use representative test data
- Check for false positives
Review Cycle
- Review policies monthly
- Adjust based on alert volume
- Archive unused policies
Related Topics
- Policy Overview - How policies work
- Policy Categories - Available categories
- Exceptions - Handle special cases