Begin Scanning a Cisco Webex Teams App

Table of Contents

Use these steps to connect your Cisco Webex Teams application to Data Security.

Where Can I Use This?	What Do I Need?
Strata Cloud Manager	Data Security license Or any of the following licenses that include the Data Security license: CASB-X CASB-PA

Data Security scans messages and files shared on spaces within the Cisco Webex Teams application. Support for automated remediation capabilities varies by SaaS application.

Supported Content
Add Cisco Webex to Data Security

Supported Content

The following table lists the supported content for the Cisco Webex app.

Support For	Details
Scan Content	Rooms, Messages, Files
Backward Scan	Yes
Forward Scan	Yes
Selective Scan	No
User Activities	Activity Monitoring—No Activity Alerting—No Folder Monitoring—No
Auto-Remediation Actions	Change Sharing—No Notify File Owner—Yes Notify Via Bot—Yes User Quarantine—No Admin Quarantine—No Supports deletion of messages and files.
Post-Remediation Actions (Actions after Admin Quarantine)	No Supports deletion of messages and files.
Exposure	Internal, External, Public
Snippet Support	Yes
Known License/Version restrictions	Supported Versions Starter Plus Business Enterprise
Caveats/Notes	None

Add Cisco Webex App to Data Security

Ensure that the Webex Teams account you plan to use with Data Security has sufficient privileges.

To connect a Webex Teams instance to Data Security, you must use a Webex Teams account with administrator privileges. Make sure the following settings are enabled:
1. Log in to https://admin.webex.com, select Usersadmin_account_usernameRoles and Security.
2. Enable Full administrator and Compliance Officer privileges.
  
  Make sure to request another administrator to assign the Compliance Officer role to you, so your account has the correct privileges required to search for sensitive information in the Cisco Webex Teams app.
  
  The Webex Teams standard service plan supports data generated during the last 90 days. To enable longer-term visibility, consider upgrading to Cisco Webex Teams Pro Pack service plan before connecting to Data Security.
To add the Webex application to Data Security, log in to Strata Cloud Manager and select Data SecurityApplicationsAdd ApplicationCisco Webex Teams.
1. Connect Cisco Webex Teams to Data Security.
2. Data Security redirects you to a Cisco identity broker to authorize access so that you can enter the email address and password for the administrator account you want to use when connecting to the Webex Teams application.
  
  The following screenshot shows a successful onboarding.
3. Select View Onboarding Status to view the onboarded Webex app instance.
  
  The new Webex Teams instance is added to the list of Cloud Apps as Webex Teams n, where n is the number of Webex Teams instances you have connected to Data Security. For example, if this is the second Webex Teams instance you connected to Data Security, the name displays as Webex Teams 2.
Define global scan settings.
- Define Your Internal Domain When you add the Webex bot, Data Security automatically adds webex.bot to the list of internal domains to restrict the bot activity to the internal domain. Don't delete this entry from the list.
- Define Untrusted Users and Domains
- Enable Data Masking
Add policy rules or edit existing policy rules.
When you add a new cloud application, Data Security automatically scans assets against the default data patterns and displays the match occurrences. If you want to generate incidents and identify potential issues that are unique to the new instance, as a best practice, consider the business use of your app to determine whether you want to Add a New Data Asset Policy.
(Optional) Configure or edit a data pattern.

If you find the existing data patterns don't identify the incidents you want to prevent from occurring, you can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
To start scanning the Cisco Webex Teams instance for issues, select Data SecurityApplicationsCisco Webex TeamsView Settings...Start Scanning.
Data Security starts scanning all assets—files, messages—and spaces in the associated Webex Teams application and identifies incidents. Depending on the number of Webex Teams users and assets, it might take some time for the service to complete the process. However, as soon as you begin to see this information populating on the Dashboard, you can begin to Assess Incidents on Data Security.

On a Webex Teams account, Data Security monitors the following activities. However, activities that occurred before you added the Cisco Webex Teams application to Data Security are not displayed on Data SecurityUsers & ActivityUser Activities.
- Adding or removing a user from a space.
- Adding a moderator to a space.
- Deleting a message — the deletion of a message is logged if the message had a file attached to it, or if the message had a policy violation and created an incident.
Monitor the results of the scan.

As Data Security scans files and matches them against enabled policy rules, you can refer to the Monitor Scan Results on the Dashboard section to verify that your policy rules are effective. Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.