Office365 High-level Workflow
Configuration of an Office365 App - Define the App
|2.||Navigate to Azure Active Directory > App registrations.|
|3.||Click on + New registration. |
|4.||Type the user-facing display name for the application, and then click the Register button.|
|5.||Save the Application (client) ID and Directory (tenant) ID. These details will be needed to configure the Votiro Cloud connector.|
|6.||Select Certificates & secrets and click on + New client secret. Note that the client secret expiry date can be up to 24 months from its creation.|
|7.||Copy and save the new client secret Value immediately, because this won’t be available anymore after exiting this page. The client secret will be needed to configure the Votiro Cloud connector.|
Configuration of an Office365 App - Grant Permissions to the App
|1.||Select API permissions.|
|a.||All the permissions below are defined for Type = Application|
|b.||The permission for User.Read is defined for Type = Delegated.|
|c.||If any permissions are missing, add them by clicking on Microsoft Graph.|
|3.||Approve all permissions by clicking on Grant admin consent for<user name>.|
|4.||Verify that all the permissions were granted.|
Connecting the Office365 App to Votiro Cloud
To get to the Office365 page, from the navigation pane on the left, click Cloud Connectors > Office365 Mail.
The Office365 Mail page contains the following fields:
Specify a policy for the Office 365 connector to work with. Select the Default Policy policy if you have not created an alternative policy to use.
|2||Azure Tenant Id|
Specify the Tenant ID, which can be obtained by contacting Votiro Support.
To integrate with your Azure tenant, copy and paste the Azure application Directory (tenant) ID that you saved in step 5 above.
To integrate with your Azure tenant, copy and paste the Azure Application (client) ID that you saved in step 5 above.
|4||Client Secret||To integrate with your Azure tenant, copy and paste the Azure Secret Value that you saved in step 7 above.|
|5||Channel Name||Specify the name of your channel. The channel name appears on the Incidents page as the name of a connector.|
|6||Monitored Users||The left column will contain all users under the Azure tenant account. To authorize specific users to be able to sanitize files, select the users from the left column and click Add. To deny sanitization authorization to specific users, select the users from the right column and click Remove. To add/remove all/no users, click the All/None buttons in the respective column.|
|7||Monitored Groups||The left column will contain all groups under the Azure tenant account. To authorize specific groups to be able to sanitize files, select the groups from the left column and click Add. To deny sanitization authorization to specific groups, select the groups from the right column and click Remove.
If a group is enabled/disabled for sanitization, all the group users are enabled/disabled even if the group users were not enabled/disabled in the Monitored Users field.
|1.||Select a Policy Name from the given options. You can define a new policy from the Policies tab. In the example above, the Policy Name is "Office 365 Policy".|
|2.||Copy and paste the Azure Tenant Id, Client Id and Client Secret saved in step 5 and step 7 above.|
|3.||Type a Channel Name. In the example above, the Channel Name is "Office 365".|
|4.||When finished making changes, click on Save Changes.|
Connecting the Office365 App to Votiro Cloud - Add Protected Users and Groups
|1.||After setting the above configurations, the users and groups are imported from Microsoft to the Votiro Connector page:|
|2.||Select the users and groups you want to protect with Votiro, by dragging or adding them to the right column, then click the Save Changes button:|
Office 365 Behavior when using the Votiro Office 365 App
|1.||When sending email with attachments to the protected users/groups, the attachments will be sent to the Votiro Cloud engine for sanitization.|
|2.||While the attachments are undergoing sanitization by Votiro Cloud, the recipient’s mailbox attachment will be replaced with an InProcess_<filename> attachment:|
|3.||After the attached file completes the sanitization processing, the results are displayed.|
|a.||If the attachment was sanitized successfully, the sanitized file will be displayed in the mailbox:|
|b.||If the attachment was blocked, a blocked PDF file will replace the original attachment.|
|4.||The sanitization rate is a maximum of 6900 emails per hour.|
Office 365 App Behavior for Password Protected Files
|1.||If the user sent a password protected file, the attachment file will be replaced with a password protected blocked PDF.|
|2.||To release a password protected file that was blocked:|
|a.||In the blocked PDF, click on I have a password. The password protected portal is displayed:|
|b.||Enter the file's password and click on Release to Office 365. Votiro displays the message:|
|c.||The attachment will be replaced with the sanitized password protected file:|