Begin Scanning a Microsoft Exchange App

Use the Aperture service to scan and identify incidents found when scanning assets and email attachments in your MS Exchange app.
To begin scanning a Microsoft Exchange app:
  1. Log in to Microsoft Exchange or Office 365 using an account with privileges that will enable communication between the Aperture service and the Microsoft Exchange app.
    Before you can establish communication between the Aperture service and the Exchange app, you must:
    • Go to http://portal.microsoftonline.com and log out of Exchange or Office 365.
    • Log back in to Exchange or Office 365 using an account that has the Global Admin role prior to adding the Exchange app to the Aperture service.
  2. Add the Exchange app.
    1. From the Aperture Dashboard, Add a Cloud App.
    2. Select Microsoft Exchange.
      ms-exchange-tile-prod.png
    3. When prompted, enter the login credentials for the account with Global Admin role privileges on the Microsoft Online page to which you are redirected.
    4. Review and Accept the changes that the Aperture service can perform on your assets in Exchange.
      When authentication succeeds, the Aperture services adds the new Exchange app to the list of Cloud Apps as Microsoft Exchange n, where n is the number of Exchange app instances that you have connected to the Aperture service, for example Exchange 1.
  3. (Optional) Give a descriptive name to this app instance.
    1. Select the Exchange app instance from the Cloud Apps list.
    2. Enter a descriptive Name to differentiate this instance of Exchange from other instances you are managing.
    3. Click Done to save your changes.
  4. Define global scan settings.
  5. Add policy rules.
    When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of your app to determine whether you want to Add a New Policy Rule for Content to look for risks unique to the new app.
  6. Define security controls scan settings.
  7. (Optional) Configure or edit a data pattern.
    When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
  8. Start scanning the new Exchange app for risks.
    1. Select SettingsCloud Apps & Scan Settings.
    2. In the Cloud Apps row that corresponds to the new Exchange app, select ActionsStart Scanning.
    The status changes to Scanning. The Aperture service starts scanning assets in the associated MS Exchange app and begins identifying incidents. All email attachments in Exchange are scanned based on defined policies. Email content is scanned based on defined policies only if the sender or receiver of the email is from an external domain. Scanning only starts on installation, and assets without risks are not stored.
  9. Monitor the results of the scan.
    As the Aperture service starts scanning files and matching them against enabled policy rules, Monitor Scan Results on the Dashboard to verify that your policy rules are effective.
    Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.

Related Documentation