ZCSPM
Cloning Security Policies
ZCSPM offers more than 2500 default security policies for you to manage your security and compliance posture. You can create custom policies by cloning a default security policy, and modifying some parameters in the cloned policy, to meet your organization's specific governance needs.
For example, you could clone and edit the default "Ensure IAM password policy requires minimum length of 14 or greater" security policy in order to change the password length to meet your organization's risk profile.
Cloned policies are mapped automatically to the associated industry benchmark. However, they will not be mapped to private and CIS benchmarks.
A default security policy can:
- Be cloned multiple times. However, each cloned security policy must have unique parameters (i.e., you cannot create two policies that use the same parameters).
- Be cloned at the license level only.
You cannot delete cloned policies. However, you can exclude them at the license and cloud account level.
- To clone a default security policy:
- On the ZCSPM Admin Portal, go to Configurations > Security Policies.
- In the License level tab, choose a cloud service provider.
- Click Cloneable Policies to view all the policies you can clone.
- Choose a security policy and click the Clone icon from the Action column.
- Modify the available parameter and click Clone.
Cloned policies inherits the default policy's control number and has a '_c#' appended to it. For example, if the default policy's control number is 1200 then the cloned policy's control number will be 1200_c1.
Close - To update a cloned security policy:
- On the ZCSPM Admin Portal, go to Configurations > Security Policies.
- In the License level tab, choose a cloud service provider.
- Click Cloned Policies to view all the polices you have cloned.
- Choose a security policy and click the Edit icon from the Action column.
- Modify the available parameter and click Save.
