1. From Setup, enter Transaction in the QuickFind box, select Transaction Security, and then click Create Policy in Transaction Security Policies.
2. First select what your policy monitors. Choose a category and then select an event or entity in that category.The categories are:Data Export—Notifies you when the selected object type has been exported. To trigger a policy, the export must be done using a default report type from the Report tab or with an API client like Data Loader or Workbench.Note You can’t create a Data Export event policy for joined reports, historical reports, or custom report types.Login—A user login. You can trigger your policy on many types of login events.Resource Access—Notifies you when the selected resource has been accessed. You can block access or require two-factor authentication before access is allowed.Note AccessResource event policies don't trigger when Dashboard Subscriptions send an email. These policies still trigger when users access resources directly from a dashboard.Entity—An object type.Note Lightning Experience supports only the Feed Comment and Feed Item resources, while Salesforce Classic supports all Chatter resources.
3. Data Export—Notifies you when the selected object type has been exported. To trigger a policy, the export must be done using a default report type from the Report tab or with an API client like Data Loader or Workbench.Note You can’t create a Data Export event policy for joined reports, historical reports, or custom report types.
4. Login—A user login. You can trigger your policy on many types of login events.
5. Resource Access—Notifies you when the selected resource has been accessed. You can block access or require two-factor authentication before access is allowed.Note AccessResource event policies don't trigger when Dashboard Subscriptions send an email. These policies still trigger when users access resources directly from a dashboard.
6. Entity—An object type.Note Lightning Experience supports only the Feed Comment and Feed Item resources, while Salesforce Classic supports all Chatter resources.
7. Select Generate Apex unless you have an existing policy condition to use.Transaction Security creates a stub, or placeholder, Apex policy condition. You’ll expand it after creating the policy.
8. Next select what the policy is to do when triggered, who is to be notified and how, and the user that the policy executes as. The user selected forExecute Policy As must have the System Administrator profile.The actions available vary depending on the event type. For login and resource events, you can also block the action or require a higher level of access control with two-factor authentication. For Chatter events, you can freeze the user or block the post. For Login events, you can require ending an existing session before continuing with the current session. You can set the default action for ending a session to always close the oldest session.Note Two-factorauthentication is not available in the Salesforce app or LightningExperience for the Resource Access event type. The Block action is usedinstead.Important If you create a policy requiring the two-factor authentication action, provide your users a way to get a time-based, one-time password. This password is their second authentication factor. Otherwise, if your users encounter a situation that requires a second authentication factor, they can’t finish their task, such as logging in or running a report.
9. Choose a descriptive name for your policy. The name and policy description help you identify and organize policies as they are created.
10. Click Save and then click Finish to confirm. The new policy appears at the bottom of the policy list.