Adding a risk policy
Before you begin
Make sure that:
-
You have set up a PingOne connection in PingAccess.
-
You have your PingOne credential easily accessible to copy and paste.
For more information, see Adding a PingOne connection.
About this task
To add a risk policy:
Steps
-
In the PingAccess administrative console, go to Access → Risk Policies and click +Add Risk Policy.
-
Complete the fields.
For more information, see Risk policy field descriptions.
You can only configure a PingOne risk policy in PingOne Protect.
If you haven’t enabled device profiling in a PingAccess risk policy configuration, then you shouldn’t include New Device or other device-related PingOne predictor types in the associated PingOne risk policy.
Some of these device-related predictor types are included in the default PingOne risk policy. If you haven’t enabled device profiling, make sure to remove the following predictor types from your configuration or adjust the weights or scores associated with them:
-
Anonymous network detection
-
Geovelocity anomaly
-
IP reputation
-
IP velocity
-
New device
-
User location anomaly
For more information, see Risk policies in the PingOne Cloud Platform documentation.
-
-
Click Save.
Next steps
After you’ve created a PingAccess risk policy, you can assign it to a specific application or resource. For more information, see Application field descriptions or Adding application resources.