Creating and Managing Computer Policies

Computer policies govern security-related behaviors that are controlled at specific computers. A computer policy created by an Administrator at one site is available to Administrators across the enterprise at any Imprivata site. The Computer Policies page under the Computers menu lists the computer policies, and the number of computers that use them.

You can have any number of computer policies, however:

  • Each computer must be assigned exactly one computer policy. If you do not assign a policy, the default computer policy is applied to the computer.

  • You can edit and rename the default computer policy, but you cannot delete it.

Click on a computer policy to view its details. Each computer policy page contains the following tabs:

  • General tab — For Configuring Computer Policy General Settings
  • Shared Workstation tab — For Enabling Shared Kiosk Workstations in Computer Policies
  • Virtual Desktops tab — Imprivata provides extended integration and strong authentication support for VMware Horizon and Citrix XenDesktop virtual desktops and Citrix XenApp virtual applications. Use this tab to streamline access to the Virtual Desktop Access environments and automatically start the clients. These settings only determine how clients and endpoints behave. See Imprivata Virtual Desktop Access
  • Connector for Epic — Users can sign transactions such as e-prescribing, attestation, or close patient encounter with their proximity card, fingerprint, cell phone, OTP token or other methods.
  • Citrix or Terminal Server tab — Imprivata OneSign supports user roaming and fast user switching in Citrix and Microsoft Terminal Server environments. See Imprivata Virtual Desktop Access
  • Fingerprint tab — For Setting Fingerprint Identification Parameters in a Computer Policy.
  • Extensions tab — Extension objects allow Imprivata OneSign to extend beyond its base capabilities to support external software tools. You enable Imprivata OneSign extension objects on a computer-by-computer basis. For example, a hospital with Imprivata OneSign Single Sign-On (SSO) can have a computer policy for all computers that run MEDITECH applications, and include in that policy the Managed Exit for MEDITECH Extension Object to manage graceful shutdown of MEDITECH applications. Imprivata OneSign Extension Objects are explained in Imprivata OneSign Extension Objects.
  • Override and Restrict tab — You can override user policy settings for specific computers as detailed in Setting Computer Policies to Override User Policies.
  • Customization tab — For customizing logos, backgrounds, and text prompts for your enterprise.

Each new policy is based on the settings in the Default Computer Policy. When you click Add on the Computer policies page, the Computer policy page opens.

Click Copy to duplicate a selected computer policy. This makes it easy to generate a new policy with similar settings.

Copying policies duplicates them under the same name with a (2) appended. The copies inherit all the properties of the original policy, but are not assigned to any computers. As with user policies, if you delete a copy of a policy, select a replacement policy for computers that used the policy to be deleted.