---
title: "NordLayer Browser security policies"
slug: "nordlayer-browser-security-policies"
updated: 2026-06-03T08:37:17Z
published: 2026-06-03T08:37:17Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://help.nordlayer.com/llms.txt
> Use this file to discover all available pages before exploring further.

# NordLayer Browser security policies

Security policies enable administrators to implement Data Loss Prevention (DLP) controls across an organization through centralized browser management. These policies can be tailored to specific teams to allow or block file transfers and clipboard operations, effectively preventing unauthorized data leaks.

When no rules are configured, or when no existing rule matches a given action, the following defaults apply:

- **File downloads, File uploads, Copy to clipboard, Paste from clipboard** — default behavior is Allow, meaning no restrictions are active.
- **Camera, Microphone** — default behavior is **Ask**, which follows standard browser behavior by prompting the user for permission on each site.

Note

The **Ask** default for Camera and Microphone may appear inconsistent compared to the other actions, which default to **Allow**. This reflects how browsers natively handle device access permissions. As more browser-controlled actions are added to Security policies over time, this pattern will become more apparent.

When creating a new policy, administrators can choose a policy action (either **Allow** or **Block**) for selected user actions on specified destinations. This flexibility lets you, for example, allow microphone and camera access only on approved video conferencing domains while blocking those actions everywhere else.

## How to set up NordLayer Browser security policies?

Before getting started, you'll need to enable NordLayer Browser under the Platform Solutions tab as a prerequisite.

1. Navigate to **Platform solutions** and select **NordLayer Browser**.
2. Select **Security policies** from the submenu.

![Screenshot 2026-06-03 at 11.28.02.png](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/Screenshot%202026-06-03%20at%2011.28.02.png)

1. Click the **Create policy** button.

![Screenshot 2026-06-03 at 11.28.50.png](https://cdn.document360.io/fc1049cd-8f71-4b89-b9b8-dbca9fdcdd16/Images/Documentation/Screenshot%202026-06-03%20at%2011.28.50.png)

1. In the opened window:
  1. Enter a security policy name (it must not exceed 100 characters)
  2. Select which teams the policy applies to (you may select multiple teams)
  3. Choose a policy action: **Allow** or **Block**
  4. Tick the user actions the policy applies to:
    - File downloads
    - File uploads
    - Copy to clipboard
    - Paste from clipboard
    - Microphone
    - Camera
2. Choose **Any** to apply the policy to all destinations, or choose **Specified destinations** to define specific domains and/or IP addresses.

Note

If using **Specified destinations**, enter the domains, subdomains, wildcards, and/or IP addresses where the policy action will apply. You may list up to 100 entries. The correct format for destinations should be *example.com, *.example.com, or 172.100.2.10*. There is no need to include "*https://*" or "*www*" at the beginning of the domain name. All destinations must be separated by commas or spaces.

1. When you're finished configuring the policy, click **Create policy** to save your changes.

Security policies can be created at any time, but they only take effect when the browser is enabled and running.

Please note

- There is a limit of 200 policies per organization.
- Policies are applied according to priority, from top to bottom.
- When users belong to multiple teams, the most restrictive policy applies.
- Creating a rule that combines **Allow** as the action, **Camera and/or Microphone** as the selected user actions, and **Any** as the destination is not supported. If you attempt this combination, a warning will be displayed and the rule creation will be blocked.

NordLayer Browser continues to evolve based on user feedback and organizational needs. Some functionality may change as the feature develops.

---

**Note**: In case you have any questions or are experiencing any issues, please feel free to contact our [24/7 customer support team](https://help.nordlayer.com/docs/how-do-i-contact-nordlayer-customer-support).