Skip to main content

Cloud Directory

Security policies

You can use security policies to restrict login activity based on geolocation, time and device posture attributes.

Policy association

Security policies can be associated with any of your custom-defined groups, or they can be applied to built-in groups for All users or All admins.

📔
Please note that All admins and All users groups are mutually exclusive.

Configuring security policies

Geolocation policy

Geolocation policy provides ability to restrict access to specific countries and optionally define time window to further restrict access during limited hours of the day.

For example, for the policy below users accessing from India & Nepal can only access between 09:00-17:30 UTC, while users accessing from United States of America have unrestricted access during any time of the day. Users accessing from rest of the world will be denied access.

Mobile device trust policy

Users subjected to a device trust policy can only use the idemeum web portal on a mobile device that has idemeum application installed and the device meets device the requirements defined by the policy. Policy also allows administrator to completely block a mobile platform as shown below.

Network policy

Users subjected to a network policy can only login from the devices with public ipv4 address that match the policy rules.