Begin Scanning a Workplace by Facebook App
Set up a token for your Workplace community to configure your app and connect to the Aperture service to scan assets.
Before you can begin scanning a Workplace by Facebook app, you must configure a token that generates an app with specific user permissions enabled and a page, a type of bot for your Workplace community. The page name reflects the name of your custom integration, and the profile picture matches the icon you chose when creating the custom configuration. As you prepare the Workplace account, take note of the token shown to you when creating your custom integration, since it is shown only once, and required to complete the setup of the Workplace app within Aperture and to read and write posts on your page.
To begin scanning a Workplace by Facebook app:
- Prepare your Workplace by Facebook account to
work with the Aperture service.
- Log in to the Workplace by Facebook console as an administrator.
- In your company dashboard, select IntegrationsCreate Custom Integration.
- Choose a relevant name and description for the app, such as "Aperture by Palo Alto Networks" and click Create.
- (Optional) Select an icon for the app by clicking Update on the icon placeholder. This icon displays any time the app is visually represented, such as in a group posting.
- Each Workplace app comes with unique Permissions to
control the information being read or written to by that app. Grant
the following permissions:PermissionDescriptionRead Group ContentRead posts, comments, and member profiles in selected groups.Manage Group ContentManage posts and comments in selected groups.Manage GroupsEdit or remove selected groups and their members.Impersonate AccountPost and comment in groups and read messages from any user account.Read Security LogsAccess details of security events, including login attempts and password requests.
- Click Create Access Token read
and understand the token terms and click Done. Save the configuration.Copy and safely store the access token shown to you, as you will need the token to setup your account in Aperture and make API calls. As a system administrator, it is important to make sure that you only share access tokens with trusted developers within your organization and Facebook-approved third-party developers.
- Add the Workplace by Facebook app to Aperture.
The Aperture service adds the Workplace by Facebook app to the list of Cloud Apps.
- From the Aperture Dashboard, Add a Cloud App.
- Select Workplace by Facebook.
- Select Connect to Workplace by Facebook account.
- Enter the Access Token you noted in the previous step.
- Click OK.
- (Optional) Give a descriptive name to this app
instance and specify an incident reviewer.
- Select the Workplace by Facebook link on the Cloud Apps list.
- Enter a descriptive Name to differentiate this instance of Workplace by Facebook from other instances you are managing.
- Define global scan settings.
- Add policy rules.When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of your app to determine whether you want to Add a New Policy Rule for Content to look for risks unique to the new app.
- (Optional) Configure or edit a data pattern.When you add a new cloud app, the Aperture service automatically scans the app against the default data patterns and displays the match occurrences. You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
- Start scanning the new Workplace by Facebook app for
- Select SettingsCloud Apps & Scan Settings.
- In the Cloud Apps row that corresponds to the new
Workplace by Facebook app, select ActionsStart Scanning.The status changes to Scanning. The Aperture service starts scanning all assets in the associated Workplace by Facebook app and begins identifying incidents. Depending on the number of assets, it may take some time for the Aperture service to complete the process of discovering all assets and users. However, as soon as you begin to see this information populating on the Aperture Dashboard, you can begin to Assess Incidents.
- Monitor the results of the scan.As the Aperture service starts scanning files and matching them against enabled policy rules, Monitor Scan Results on the Dashboard to verify that your policy rules are effective.Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.
Add Cloud Apps to the Aperture Service
Add Cloud Apps to the Aperture Service To begin securing the Supported SaaS Applications The Aperture service provides a consistent security policy for your SaaS ...
Supported SaaS Applications
The Aperture service provides a consistent security policy for your SaaS applications to detect data exfiltration and malware propagation. ...
New Features Introduced in October 2017
New Features Introduced in October 2017 The following table provides a snapshot of new features introduced for Aperture™ in October 2017. Refer to the Aperture ...
Begin Scanning a Cisco Webex Teams App
Begin Scanning a Cisco Webex Teams App The Aperture service scans messages and files shared on spaces within the Cisco Webex Teams app. To begin ...
Begin Scanning a Microsoft Exchange App
Use the Aperture service to scan and identify incidents found when scanning assets and email attachments in your MS Exchange app. ...
Begin Scanning a Box App
Begin Scanning a Box App If you plan to Begin Selective Scanning Using Azure Active Directory Groups Add your Azure Active Directory to Aperture to ...
Begin Scanning a Jive App
Begin Scanning a Jive App To begin scanning a Jive app: Add the Jive app. From the Aperture Dashboard , Add a Cloud App . ...
Begin Scanning a Slack for Enterprise App
Begin Scanning a Slack for Enterprise App To begin scanning a Slack for Enterprise app: Enable the privileges required for communication between the Aperture service ...
Begin Scanning Microsoft Office 365 Apps
Begin Scanning Microsoft Office 365 Apps To begin scanning Microsoft Office 365 apps: Add company.onmicrosoft.com as an internal domain. See Define Your Internal Domains Add ...