When you create a new Security Profile, you need to create rules assigned to that profile. These rules enable the customer to control the type of actions and the availability of services that can be performed by groups of Things. There are three type of rules that can be assigned to a Security Profile.