Policy templates
When creating a management policy you can specify a template when creating a policy. When creating a policy from a template you are able to modify the criteria coming from the template if your environment needs some adjustments.
Templates
| Policy | Type |
|---|---|
| Administrative activity from a non-corporate IP address | Activity policy |
| Potential ransomware activity | Activity policy |
| Block upload of potential malware (based on Microsoft Threat Intelligence) | Activity policy |
| Block download of potential malware (based on Microsoft Threat Intelligence) | Activity policy |
| File shared with unauthorized domain | File policy |
| Mass download by a single user | Activity policy |
| Multiple failed user log on attempts to an app | Activity policy |
| New popular app | App discovery policy |
| New high volume app | App discovery policy |
| New high upload volume app | App discovery policy |
| New risky app | App discovery policy |
| Collaboration app compliance check | App discovery policy |
| Cloud storage app compliance check | App discovery policy |
| Cloud storage app compliance check | App discovery policy |
| CRM app compliance check | App discovery policy |
| Logon from a risky IP address | Activity policy |
| Block download based on real-time content inspection | Activity policy |
| Block upload based on real-time content inspection | Activity policy |
| Block cut/copy and paste based on real-time content inspection | Activity policy |
| Access level change (Teams) | Activity policy |
| Externally shared source code | File policy |
| New cloud storage app | App discovery policy |
| New collaboration app | App discovery policy |
| New online meeting app | App discovery policy |
| New CRM app | App discovery policy |
| New Human-Resource Management app | App discovery policy |
| New sales app | App discovery policy |
| New code hosting app | App discovery policy |
| New vendor management system apps | App discovery policy |
| Monitor all activities | Activity policy |
| Activities from suspicious user agents | Activity policy |
| External user added (Teams) | Activity policy |
| Mass deletion (Teams) | Activity policy |
| File shared with personal email addresses | File policy |
| Shared digital certificates (file extensions) | File policy |
| Log on from an outdated browser | Activity policy |