Begin Scanning a Google Drive App
Add your Google Drive App to the Aperture service to begin scanning and monitoring assets for possible security risks.
To begin scanning a Google Drive app:
- Enable the privileges required for communication
between the Aperture service and the Google Drive app.To establish communication between the Aperture service and a Google Drive app, confirm the following:
- The Google Drive administrator account has administrative privileges to read, write, and relocate assets in the app.
- The app is enabled for API access. API access provides visibility into the assets in Google Drive and allows the Aperture service to monitor the sharing of assets.
- Ensure that the Google administrator email domain matches the existing domain in Aperture. For domain exceptions, contact customer support.
- Add the email address of the Google Drive administrator
to the Aperture service.You must add the email address as an administrator and assign a super admin role, before you can connect the Google Drive app to the Aperture service, see Add Aperture Administrators.
- Add the Google Drive app.
- From the Aperture Dashboard, Add a Cloud App.
- Select Google.
- Enter the email address for the Google account with
administrative privileges and Connect to Google Account.if you missed adding the email address of this administrator account to the Aperture service, an error message informs you that the email address is invalid. See Step 2 above.
- Select Install app on the Google apps marketplace page.
- Authenticate your account by entering the account
password on the Google login page.After authentication, Cloud Apps lists your Google Drive app as Google n, for example Google 1. The n is the number of Google Drive app instances that you have connected to the Aperture serviceThe Aperture Service validates that you have provided an administrator account and that the account has the right permissions to authenticate and access all the assets within Google Drive. If the account does not have adequate permissions, the onscreen status displays the error so that you can fix it.
- (Optional) Review and accept the changes that the Aperture service can perform on your assets in Google Drive.
- (Optional) Give a descriptive name to this app
instance and specify an incident reviewer.
- Select the Google n link on the Cloud Apps list.
- Enter a descriptive Name to differentiate this instance of Google Drive from other instances you are managing.
- Specify an Incident Reviewer Account. Use this setting with caution. The account you provide becomes a collaborator on all risks — even private files.
- (Optional) Enter the Organizational Units to scan. You can enter multiple units separated by commas (for example, /var, /www). If you leave this field blank, all units are scanned.
- Click Done to save your changes.
- Set up a Google Remediation account.
- If you are not already on the Settings page for the Google Drive app you just added, select Settings, and click the link that corresponds to the app.
- Enter an email address to use for the Google Remediation Account. This account grants access to all assets (files and folders) in the corresponding Google Drive account.
- Click Done to save your changes.
- Define global scan settings.
- Add policy rules.When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of your app to determine whether you want to Add a New Policy Rule for Content to look for risks unique to the new app.
- (Optional) Configure or edit a data pattern.When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
- Start scanning the new Google Drive app for risks.
- Select SettingsCloud Apps & Scan Settings.
- In the Cloud Apps row that corresponds to the new Google Drive app, select ActionsStart Scanning.
- Monitor the results of the scan.As the Aperture service starts scanning files and matching them against enabled policy rules, Monitor Scan Results on the Dashboard to verify that your policy rules are effective.Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.
Add Cloud Apps to the Aperture Service
Add Cloud Apps to the Aperture Service To begin securing the Supported SaaS Applications The Aperture service provides a consistent security policy for your SaaS ...
Begin Scanning a Gmail App
Begin Scanning a Gmail App To begin scanning a Gmail app: Enable the privileges required for communication between the Aperture service and the Gmail app. ...
Begin Scanning a Google Cloud Storage App
Begin Scanning a Google Cloud Storage App Before you begin scanning a Google Cloud Storage app, you must create a service account and enable Administrator ...
Begin Scanning Third-Party Apps on the G Suite Marketplace
Begin Scanning Third-Party Apps on the G Suite Marketplace Before you begin scanning third-party apps, you must create a service account and enable Administrator and ...
Supported SaaS Applications
The Aperture service provides a consistent security policy for your SaaS applications to detect data exfiltration and malware propagation. ...
Begin Scanning a Box App
Begin Scanning a Box App If you plan to Begin Selective Scanning Using Azure Active Directory Groups Add your Azure Active Directory to Aperture to ...
Begin Scanning a Cisco Webex Teams App
Begin Scanning a Cisco Webex Teams App The Aperture service scans messages and files shared on spaces within the Cisco Webex Teams app. To begin ...
Begin Scanning a Microsoft Exchange App
Use the Aperture service to scan and identify incidents found when scanning assets and email attachments in your MS Exchange app. ...
Begin Scanning a Jive App
Begin Scanning a Jive App To begin scanning a Jive app: Add the Jive app. From the Aperture Dashboard , Add a Cloud App . ...