Manage the Allow All Policy

Learning Objectives

After completing this unit, you'll be able to:

  • Explain the difference in default governance posture between new and existing Data Cloud orgs.
  • Describe the purpose and function of the allow all policy.
  • Develop a strategic plan for managing the allow all policy to establish a secure baseline.

Data Governance in New Versus Existing Orgs

Data Cloud provides two different default security postures, depending on when your org was created.

New Orgs Are Secure by Default

Brand-new Data Cloud orgs start with a “deny by default” posture. This means no user can access any data unless you create a policy that explicitly grants them access. This is the most secure starting point.

Existing Orgs Have Access Maintained by Default

To avoid disrupting business, orgs that were using Data Cloud before advanced governance features were enabled start with a preactivated policy called Allow All. It grants users access to all objects within their assigned data spaces, mimicking the behavior before granular policies were available. As an established company, NTO’s org would have this policy.

The Allow All Policy: Function and Risk

The allow all policy serves as a bridge, ensuring continuity of access while you plan your transition to a granular, policy-based model. However, its presence has critical implications.

As long as the allow all policy is active, it creates a baseline of universal access. This means that any granular allow policies you create will have no effect, because the allow all policy already grants access. Only deny policies will be enforced, as they always take precedence.

This means the primary long-term goal for an admin at NTO is to plan for the eventual deletion of the allow all policy. Only after its deletion will granular allow policies begin to function, enabling a true least privilege access model.

A Strategic Approach to Deactivation

Simply deleting the allow all policy without a plan could instantly revoke all data access for every user, bringing business operations to a standstill. It’s crucial to treat this policy deletion as a strategic project.

NTO’s data team should follow this phased approach.

  • Phase 1: Audit and Design. Do not delete the policy yet. First, inventory all current data access patterns to understand who needs access to what. Use this information to design your new set of granular ABAC Allow policies.
  • Phase 2: Build and Test. With the allow all policy still active, build all of your new granular Allow and Deny policies. You can build them without impacting current users.
  • Phase 3: Communicate. Inform your users about the upcoming change in how data access is managed. Schedule a maintenance window for the transition.
  • Phase 4: Execute the Switch. During the scheduled window, deactivate and delete the allow all policy, then immediately activate all of your new, granular ABAC policies.
  • Phase 5: Validate and Support. After the switch, work with users to confirm they have the correct level of access and be prepared to troubleshoot as needed.
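
The gap check that Phases 1 and 2 call for can be sketched as a small model of the evaluation rules described in this unit. This is an added example, not Salesforce code or a Data Cloud API: the `Policy` class, the function names, and the sample users and objects are all hypothetical, and user lists stand in for ABAC attribute matching.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:
    effect: str         # "allow" or "deny"
    users: frozenset    # stand-in for ABAC attribute matching (assumption)
    objects: frozenset  # data objects the policy covers

def has_access(user, obj, spaces, policies, allow_all_active):
    """Simplified model of the rules in this unit, not Data Cloud's engine."""
    if obj not in spaces.get(user, frozenset()):
        return False  # object is outside the user's assigned data spaces
    matching = [p for p in policies if user in p.users and obj in p.objects]
    if any(p.effect == "deny" for p in matching):
        return False  # deny policies always take precedence
    if allow_all_active:
        return True   # allow all grants baseline access; granular allows are moot
    return any(p.effect == "allow" for p in matching)  # deny by default

def access_lost_on_deletion(observed, spaces, policies):
    """Audited (user, object) pairs that work today but fail once allow all is deleted."""
    return sorted(
        pair for pair in observed
        if has_access(*pair, spaces, policies, True)
        and not has_access(*pair, spaces, policies, False)
    )

# Constructed sample data (hypothetical users and objects, not from the unit).
ALL_OBJECTS = frozenset({"Orders", "Loyalty", "Payment"})
SPACES = {"analyst": ALL_OBJECTS, "marketer": ALL_OBJECTS}
POLICIES = [
    Policy("allow", frozenset({"analyst"}), frozenset({"Orders"})),
    Policy("allow", frozenset({"marketer"}), frozenset({"Loyalty"})),
    Policy("deny", frozenset({"marketer"}), frozenset({"Payment"})),
]
# Phase 1 inventory of access that users rely on today (constructed).
OBSERVED = {("analyst", "Orders"), ("analyst", "Loyalty"), ("marketer", "Loyalty")}

if __name__ == "__main__":
    for user, obj in access_lost_on_deletion(OBSERVED, SPACES, POLICIES):
        print(f"gap: {user} would lose {obj}; add an allow policy before the switch")
```

An empty result means every audited access pattern is covered by a granular allow policy, which is the condition to reach before scheduling the Phase 4 window.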

Wrap-Up

You’ve now walked through the full governance journey in Data Cloud: from understanding the strategic importance of governance to designing a scalable tagging framework to enforcing access with intelligent policies and, finally, to managing your org’s default security posture. You’ve explored how governance in Data Cloud protects sensitive information, builds customer trust, and supports compliance—while still enabling your teams to work productively. With these concepts, you can create governance frameworks that protect sensitive data, meet compliance needs, and keep your business running smoothly.
