Score Bands
Score bands group employees into risk categories based on their security score. Each band can trigger different automated actions and policies.
Default Score Bands
TIDALBAY includes five default score bands. Each band defines a score range and associated automated actions:
| Band | Score Range | Risk Level | Default Actions |
|---|---|---|---|
| Green | 80 – 100 | Low Risk | No action required |
| Yellow | 60 – 79 | Moderate Risk | Manager notification |
| Orange | 40 – 59 | Elevated Risk | Mandatory training assigned |
| Red | 20 – 39 | High Risk | Access review, elevated monitoring |
| Critical | 0 – 19 | Critical Risk | Account lockout, security alert |
Customizing Bands
Navigate to Admin → Score Bands to customize band thresholds and actions. You can:
- Adjust thresholds: Change the score ranges for each band
- Add bands: Create additional bands for more granular control
- Configure actions: Set which automated actions trigger at each band
- Set notifications: Choose who gets notified when employees enter a band
Band Changes
When you change band thresholds, existing employees are re-evaluated immediately. This may trigger new actions for employees whose scores fall into different bands.
Band Transitions
TIDALBAY tracks when employees move between bands. Transitions can trigger specific actions:
- Downgrade (e.g., Green → Yellow): Triggers the target band's actions plus a transition notification
- Upgrade (e.g., Red → Orange): Can trigger positive acknowledgment notifications
- Critical entry: Always generates a security alert regardless of other settings
Transition Cooldowns
To prevent alert fatigue from employees rapidly moving between bands, you can configure transition cooldowns:
- Default cooldown: 24 hours between repeat notifications for the same band transition
- Critical override: Critical band entries always trigger regardless of cooldown
Best Practice
Start with the default thresholds and monitor for 2-4 weeks before customizing. This helps you understand your organization's score distribution and set appropriate thresholds.
Band-Based Policies
Score bands integrate with your security policies to enforce risk-appropriate controls:
| Policy | Green/Yellow | Orange | Red/Critical |
|---|---|---|---|
| MFA Requirements | Standard | Enhanced | Hardware key required |
| Access Scope | Full access | Sensitive data restricted | Minimal access |
| Training Frequency | Quarterly | Monthly | Weekly |
| Monitoring Level | Standard | Enhanced logging | Full audit trail |
Reporting
The Score Bands dashboard provides visibility into your organization's risk distribution:
- Band distribution chart: Percentage of employees in each band
- Trend analysis: How the distribution changes over time
- Department breakdown: Band distribution by department or team
- Transition history: Recent band changes across the organization