This documentation is archived and is not being maintained.

Enterprise Policy Administration

The enterprise policy level affects every computer and user on the network and can only be administered by enterprise or domain administrators. See the section on Deploying Security Policy for information on deployment strategies.

Because the runtime evaluates enterprise policy first, you can apply the LevelFinal attribute to a code group on this level to exclude the lower levels from making policy changes. If you do not apply the LevelFinal attribute to code groups on this level, administrators of lower security levels will be able to assign more permissions to applications without your knowledge and potentially create security vulnerabilities.

You might consider administering policy on this level when every person in your enterprise uses an application and you want to make sure that it always receives sufficient permission to run.

See Also

Security Policy Best Practices

Show: