In a policy, you can define these access control features:
- Acceptable use policy (AUP). Allows or blocks websites based on categories. For more information, see Acceptable use policy.
- Data loss prevention (DLP). Allows your organization to identify and block sensitive or confidential data that's uploaded to websites on the Internet. DLP scans data that’s posted over an HTTP or HTTPS connection. For more information, see Data loss prevention.
- Application visibility and control (AVC). Allows your organization to control access to web applications. You can assign a policy action to define default policy behavior, categories, category operations, applications, and any application operations. This feature is currently in beta. If your organization is participating in the beta, the AVC policy area in the AUP & Shadow IT tab is where you define AUP categories. For more information, see Application visibility and control.