Using MCAS to block file upload to SharePoint Online based on (external) file property?
Hi, With MCAS (by file policy or by Conditional Access App Control), would it be possible to act on single file if specific file property matches search criteria? E.g. if any value in multivalued property "Tags" in Office file matches "testtag01" or if any value in multivalued property "Keywords" in PDF file matches "testtag01". I've tried with O365 DLP, but with traditional Office 365 DLP issue is that those properties are not indexed in SharePoint search index by default and therefore DLP wont detect those.
CAS / MIP / DLP Secure Whatsapp session
Hello guys, I am looking for a way to enable users from my company to use whatsapp web and control the session using CAS, MIP and DLP to prevent data exfiltration, is there a way to do that? I'm new to that solutions and wasn't able to find any documentation about that. thanks a lot!
MCAS API Connector - Connect GCP - Error: Failed to create sink via Stackdriver Logging API
Hi Everyone, I follow the Microsoft official procedure (Link: https://docs.microsoft.com/en-us/cloud-app-security/connect-google-gcp-to-microsoft-cloud-app-security) to connect GCP to MCAS through API Connector. Unfortunately when I'm going to connect GCP the MCAS report the following error: Error: Failed to create sink via Stackdriver Logging API. Any suggestion? Is there a way to solve this issue? Thanks in advance. Regards, Vittorio (Security Team Lead)Lag in Cloud App Security
Does anyone else notice/experience a lag in the logging within Microsoft Cloud App Security? It's more noticeable with connections to other cloud services but even processing rules around revoking rights to for example files flagged as sensitive seems to take longer than what I would describe as acceptable to process (so more than 30 minutes). As a small team, ideally we would like to trust the reporting and actions that this product generates and takes but it just doesn't seem to be consistent.
How to get Sharepoint online into Conditional Access app Control
Hello What are the steps to add sharepoint online into Conditional Access app Control ? When i add a new app then search for Sharepoint i get the message below. When i click on the "start wizard" its asking me for saml xml data. Is this the proper way to add SharePoint online to Conditional Access app Control ?
Allow Copy paste only within Office365 in Browser
Hi all, We have a session policy in place to Block Copy and paste in a Browser session, but we would like to allow Copy and paste within Office 365 documents in the browser but Block outside of office 365 and non browser apps. I played around with the settings but can't find the right set of settings. Anyone has any experience with this? Putting it to: Activity: Paste App Does not Equal Office 365 Does not work. Cheers, Hans
Alert on disabled user
Hi, We received a "Suspicious email deletion activity" alert today for activity "Purge messages from the mailbox: ...". The user account is not allowed to sign-in and has no licenses assigned. His MFA is enforced. How could that be? Is it possible that an internal purging process triggered this alert? Thanks.
Failed log on (Failure message: Session information is not sufficient for single-sign-on.)
Hey All, I've recently a few impossible travel alerts in which the anomalous logins had the description "Failed log on (Failure message: Session information is not sufficient for single-sign-on.)". Three of these failed login events where seen but none were from IPs with bad reputation. The error code is 50058 for Office 365 SharePoint Online. Reading the description from https://login.microsoftonline.com/errorfor the error code, I'm not understanding how this activity would be triggered from an anomolous country without session information being stolen. Could anyone shed any light on this? Thankyou
