Reorder policy priority

Reorder policy priority

Because multiple policies can be added to a group, policy priority plays an important part in deciding which policies will be applied to a user.

Let's look at an example to understand policy priority. The group "Weekend Shift" has four members: Amelia, Arthur, David, and Eduardo. The group has two policies, Policy A and Policy B, applied to it. Arthur is excluded from Policy A, David is excluded from Policy B, and Amelia is excluded from both.

In addition to the two policies, there is also a Default Policy applied to all users in the organization. It will have the lowest priority, and it can't be re-ordered, disabled, or deleted.


Amelia
Arthur
David
Eduardo
Policy A
x
x


Policy B
x

x

Default Policy





Default Policy and Policy A have a password policy configured, and Policy B has a password policy and MFA configured.
security-policy-priority
Policy priority works top to bottom. When a user has more than one applicable policy, the top policy will be applied. If the top policy doesn't have one or more of the components (Password policy, MFA, Allowed IPs, Session management) configured, then those missing components will be applied from the policy with the next highest priority.

In our example, Amelia will have only the Default Policy applied to her, Arthur will have Policy B applied to him, David will have Policy A applied to him, and Eduardo will have A's password policy and B's MFA policy applied to him.

In the mobile application: 

  1. Open the Zoho One app on your mobile device, then tap  in the top-right corner.
  2. Tap  in the bottom-right corner, then tap Security Policies.
  3. Tap and hold next to the desired security policy, then move it up or down to reorder the list.

In the web application:

  1. Sign in to the Zoho One, then click Directory in the left menu.
  2. Go to Security, then click Security Policies.
  3. Click and drag to reorder the policies. The top policy has the highest priority.
    • Related Articles

    • Delete a security policy

      When a security policy is deleted, the priorities of the remaining policies will be reordered and applied accordingly. Learn more about policy priority. In the mobile application:  Open the Zoho One app on your mobile device, then tap  in the ...
    • Add security policy

      In the mobile application: Open the Zoho One app on your mobile device, then tap  in the top-right. Tap  in the bottom-right, then tap Security Policies. Tap Add, then enter the Policy Name.  Choose the groups the policy will be applied to. To ...
    • Security Policies - Overview

      Security policies are a set of customizable rules that govern how your users can authenticate themselves. They consist of four components: Password policy: This component dictates how strong the users' passwords must be and how often they have to be ...
    • Apply an existing security policy to new groups

      When applying a policy to a new group, remember to take the policies already applied to the group into account. When a group has multiple security policies, they will be applied based on the policy priority. In the mobile application:  Open the Zoho ...
    • Deactivate a security policy

      When a security policy is deactivated, the priorities of the remaining policies will be reordered and applied accordingly. Learn more about policy priority. In the mobile application:  Open the Zoho One app on your mobile device, then tap  in the ...