Begin Scanning a Cisco Webex Teams App
The Aperture service scans messages and files shared on spaces within the Cisco Webex Teams app. To begin scanning a Cisco Webex Teams app:
- Ensure that the Webex Teams account you plan to
use with the Aperture service has sufficient privileges.To connect the Aperture service to a Webex Teams app, you must use a Webex Teams account with Administrator privileges. Make sure the following settings are enabled:
- Log in to https://admin.webex.com, select Usersadmin_account_usernameRoles and Security.
- Enable Full administrator and Compliance
Officer privileges. Make sure to request another administrator to assign the Compliance Officer role to you, so that your account has the correct privileges required to search for sensitive information in the Cisco Webex Teams app.The Webex Teams standard service plan supports data generated during the last 90 days. To enable longer-term visibility, consider upgrading to Cisco Webex Teams Pro Pack service plan before connecting the app on Aperture.
- Add the Webex Teams app.
- From the Aperture Dashboard, select Add a Cloud App.
- Select the Cisco Webex Teams app.
- Connect to Webex Teams Account.
- The Aperture service redirects you to Cisco identity broker to authorize access so that you can enter the email address and password for the Administrator account you want the Aperture service to use when connecting to the Webex Teams app.
- Review and Accept the permissions
to onboard the account to the Aperture service.The new Webex Teams app is added to the list of Cloud Apps as Webex Teams n, where n is the number of Webex Teams app instances that you have connected to the Aperture service. For example, if this is the second Webex Teams app you connect to the Aperture service, the name displays as Webex Teams 2.If you want to give a descriptive name for the app, select the link on SettingsCloud Apps & Scan Settings and enter a new name.
- Configure a bot.A bot is a machine account that automates the process of sending messages on your behalf to users. To use a bot, you must create a bot access token to enable the bot to send these messages. When you Add a New Policy Rule for Content, and select the Notify via bot auto-remediation action, the Aperture service can send a direct message on Webex Teams to the user whose messages or files triggered the policy match. If you do not create a bot, the Aperture service sends a message using the administrator’s name to the space where the user originally shared the file or message.
- Create a bot on the Webex Developer portal (https://developer.webex.com/) using your administrator credentials, and copy the access token.
- Select ActionsConfigure Bot on SettingsCloud Apps & Scan Settings
- Paste the access token on the app, and save your changes.
- Define global scan settings.
Your Internal DomainsWhen you add the Webex bot, the Aperture service automatically adds webex.bot to the list of internal domains to ensure that the bot activity is restricted to the internal domain. Do not delete this entry from the list.
- Define Untrusted Users and Domains
- Enable Data Masking
- Define Your Internal Domains
- Add policy rules or edit existing policy rules.When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. If you want to generate incidents and identify potential issues that are unique to the new app, as a best practice, consider the business use of your app to determine whether you want to Add a New Policy Rule for Content.
- (Optional) Configure or edit a data pattern.When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
- Start scanning the new Cisco Webex Teams app for issues.
- Select SettingsCloud Apps & Scan Settings.
- In the Cloud Apps row that corresponds to the new
Webex Teams app, select ActionsStart Scanning.The status changes to Scanning. The Aperture service starts scanning all assets—files, messages—and spaces in the associated Webex Teams app and begins identifying incidents. Depending on the number of Webex Teams users and assets, it may take some time for the Aperture service to complete the process of discovering all assets and users. However, as soon as you begin to see this information populating on the Aperture Dashboard, you can begin to Assess Incidents.On the Webex Teams account, the Aperture service monitors the following activities:
- Add or remove a user from a space.
- Add a moderator to a space.
- Delete a message. The deletion of a message is logged if the message had a file attached to it, or if the message had a policy violation and it created an incident.
- Monitor the results of the scan.As the Aperture service starts scanning files and matching them against enabled policy rules, Monitor Scan Results on the Dashboard to verify that your policy rules are effective.Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.
Supported SaaS Applications
The Aperture service provides a consistent security policy for your SaaS applications to detect data exfiltration and malware propagation. ...
Building Blocks in Aperture Asset Policy
Building Blocks in Aperture Asset Policy An asset (or content) policy rule has the following information: Field Description Rule Name A name for the policy ...
Use Advanced Search
Use Advanced Search To perform an advanced search: Show the assets. Select Explore Assets . Select Advanced to start an advanced search. Create your Use ...
Begin Scanning a Slack for Enterprise App
Begin Scanning a Slack for Enterprise App To begin scanning a Slack for Enterprise app: Enable the privileges required for communication between the Aperture service ...
Begin Scanning a Microsoft Exchange App
Use the Aperture service to scan and identify incidents found when scanning assets and email attachments in your MS Exchange app. ...
Begin Scanning a Box App
Begin Scanning a Box App If you plan to Begin Selective Scanning Using Azure Active Directory Groups Add your Azure Active Directory to Aperture to ...
Begin Scanning a Workplace by Facebook App
Set up a token for your Workplace community to configure your app and connect to the Aperture service to scan assets. ...
Begin Scanning a Jive App
Begin Scanning a Jive App To begin scanning a Jive app: Add the Jive app. From the Aperture Dashboard , Add a Cloud App . ...