Safetica integration with Office 365

In this article, you will learn more about Safetica 9.5 integration with Microsoft Exchange Online, OneDrive and SharePoint.

If you are configuring your Office 365 integration for the first time or if you are setting up a new Azure tenant, please perform the steps mentioned in this knowledge base article.

The integration with O365 has changed considerably since earlier versions of Safetica, so we recommend updating to Safetica 9.5 or higher before following the steps described below.

Safetica 9.5 brings automated and simplified configuration of auditing and protection features for your e-mails and files stored in the cloud. Thanks to Office 365 integration, you will be able not only to audit cloud e-mails and files, but also to protect your e-mail using configured Safetica DLP policies. WebSafetica service is required for this integration to work correctly.

To be able to configure all the features mentioned below, you will need to log in to your Azure tenant with administrator rights so that Safetica is granted the necessary permissions. These permissions are only granted temporarily for the configuration of the needed settings.

For now, Safetica can only connect to one tenant at a time. If you would like to switch to a different tenant, Safetica must perform a cleanup of settings. This might take a while, and you will only be able to connect to another tenant once the cleanup is finished. 

Safetica Exchange Online audit and protection

In Safetica, you can both audit your cloud e-mail and protect it using your DLP policies. Please note, however, that DLP protection is only available in Safetica Protection and Safetica Enterprise. Safetica Discovery contains auditing features.
The auditing feature uses e-mail settings from Safetica Discovery to monitor files moving through the cloud. The DLP policy integration currently only supports general Safetica policies and policies applied to metadata-based data categories.
Safetica DLP policies are applied to matching Azure AD users (e.g. root DLP policy will be applied to all Azure AD users present in the Safetica user tree; a policy for a specific node will only be applied to the Azure AD users belonging to this node etc.). DLP policies are applied to all Azure AD users, regardless of whether they have Safetica Client installed on their computers or not.

To enable auditing and/or Safetica DLP protection for your Exchange Online cloud e-mails:

  1. Log in to Safetica Management Console.
  2. Go to Maintenance -> Integration settings -> Office 365 Integration.
  3. To enable the auditing feature, use the Audit and log Office 365 e-mail .
  4. To enable Safetica DLP protection, use the Apply Safetica DLP policies to Office 365 e-mail slider.
  5. Click []. An Azure tenant sign-in window may appear.

Safetica OneDrive and SharePoint audit

Safetica can also perform file monitoring for OneDrive and SharePoint, so you can see what files are downloaded or publicly shared. Audit logs, however, can currently only be viewed in WebSafetica under Data Security/Office 365

To enable this feature:

  1. Log in to Safetica Management Console.
  2. Go to Maintenance -> Integration settings -> Office 365 Integration.
  3. Enable this feature by using the Audit and log Office 365 file operations slider.
  4. Click []. An Azure tenant sign-in window may appear.

You can learn more about Office 365 integration in this introduction video: