Begin Scanning a Box App
If you plan to use Selective Scanning with Azure Active Directory, you must connect Azure Active Directory before adding your Box app so the Aperture service can discover and scan assets belonging to the user groups you want to monitor.
To begin scanning a Box app:
- Ensure that the Box account you plan to use with the Aperture service has sufficient privileges.
  To connect the Aperture service to a Box app, you must use a Box account with Administrator privileges. Make sure the following settings are enabled:
  - From within Box, select Admin Console > Users and Groups and select the Administrator account you want to use.
  - Allow this user to see all managed users.
  Enabling the Edit settings for your company option suppresses email notifications. If you do not enable this setting, every collaborator on an asset receives an email notification each time the Aperture service accesses an asset. When you suppress email notifications, actions still appear in users' update feeds and in the audit logs.
- Add the Box app.
  - From the Aperture Dashboard, Add a Cloud App.
  - Select Box.
  - Connect to Box Account.
  - Enter the email address and password for the Administrator account you want the Aperture service to use when connecting to the Box app and then Authorize.
    The Aperture service validates that you have provided an administrator account and that the account has the right permissions to authenticate and access all the assets within Box. If the account does not have adequate permissions, the on-screen status displays the error so that you can fix it.
  - After authentication succeeds, Grant access to Box.
    The new Box app is added to the list of Cloud Apps as Box n, where n is the number of Box app instances that you have connected to the Aperture service. For example, if this is the second Box app you connect to the Aperture service, the name displays as Box 2.
- (Optional) Give a descriptive name to this app instance and specify an incident reviewer.
  - Select the Box n link on the Cloud Apps list.
  - Enter a descriptive Name to differentiate this instance of Box from other instances you are managing.
  - Specify an Incident Reviewer Account. Use this setting with caution. The account you provide becomes a collaborator on all risks, even private files.
  - Click Done to save your changes.
- (Optional) Choose the user groups whose assets and accounts you want to monitor.
  Begin Selective Scanning Using Azure Active Directory Groups if you want the Aperture service to scan content for users who belong to specific groups. By default, selective scanning is not enabled. If you later want to enable selective scanning, you must delete the Box instance and add it back so the Aperture service can discover all assets and events for all users. All assets and events previously stored will be deleted, and incidents reported for users no longer included in the selected groups are automatically closed.
  - Select Enable selective scanning and choose the groups you want to include or exclude from scanning from the list of groups using >> to add all groups or > to add selected groups.
    If a group is edited or removed from selective scanning, it can take up to 7 days to remove assets or activities and close any related incidents. Adding a group back to selective scanning will record new user activities but not old, previously removed user activities.
  - Select Save to continue.
- Define global scan settings.
- Add policy rules.
  When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of your app to determine whether you want to Add a New Asset Policy Rule to look for risks unique to the new app.
- (Optional) Configure or edit a data pattern.
  When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. You can Configure Data Patterns for Content Security to identify specific strings of text, characters, words, or patterns so that you can find all instances of text that match a data pattern you specify.
- Start scanning assets on the Box app.
  - Select Settings > Cloud Apps & Scan Settings.
  - In the Cloud Apps row that corresponds to the new Box app, select Actions > Start Scanning.
    The status changes to Scanning. The Aperture service starts scanning all assets in the associated Box app and begins identifying incidents. Depending on the number of Box users and assets, it may take some time for the Aperture service to complete the process of discovering all assets and users. However, as soon as you begin to see this information populating on the Aperture Dashboard, you can begin to Assess Incidents.
- Monitor the results of the scan.
  As the Aperture service starts scanning files and matching them against enabled policy rules, Monitor Scan Results on the Dashboard to verify that your policy rules are effective. Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.