{"pageModel":{"attributes":{"id":"","name":"119910.dita","viewName":"DitaDetail"},"elements":{"ditaContent":{"name":"DITAContent","value":"<article id=\"enable-cloud-access-security-broker-protection-for-microsoft-365-tenants\" class=\"topic concept\">\r\n<h1 class=\"title topictitle1\">Enable Cloud Access Security Broker Protection for Microsoft 365 Tenants</h1>\r\n<div class=\"body conbody\">\r\n<p class=\"p\">Secure Access supports two Cloud Access Security Broker (CASB) features for Microsoft 365:</p>\r\n<ul class=\"ul\">\r\n<li class=\"li\">Cloud Malware protection for OneDrive, SharePoint Online, and Outlook sites within your Microsoft 365 deployment.</li>\r\n</ul>\r\n<p class=\"p\">\r\n<span class=\"ph uicontrol\">Note on running both Microsoft 365 and Cloud Malware</span>: Microsoft 365 and Cloud Malware both protect users against malware. However, their functionalities are not redundant. Microsoft 365 might discover malware that Cloud Malware does not find. Cloud Malware also finds malware that Microsoft 365 overlooks. There is value to running Microsoft 365 and Cloud Malware simultaneously.</p>\r\n<ul class=\"ul\">\r\n<li class=\"li\">CASB detection of third-party cloud applications that have been granted OAuth-based permission to access a user's protected resources on Microsoft 365 Sharepoint Online and OneDrive. For more information, see  <a data-scope=\"local\" target=\"\" href=\"docs/csa/olh/119382.dita\" title=\"\">Third-Party Apps Report</a>.</li>\r\n</ul>\r\n<p class=\"p\">You can enable CASB features for authorized tenants that use the following Microsoft 365 applications:</p>\r\n<ul class=\"ul\">\r\n<li class=\"li\">Sharepoint Online</li>\r\n<li class=\"li\">OneDrive</li>\r\n<li class=\"li\">Outlook (For Cloud Malware protection only and for the primary inbox only. For outgoing mail you can enable Data Loss Prevention; see  <a data-scope=\"local\" target=\"\" href=\"docs/csa/olh/120885.dita\" title=\"\">Enable SaaS API Data Loss Prevention for Microsoft 365 Tenants</a>.)</li>\r\n</ul>\r\n<p class=\"p\">\r\n<table class=\"olh_note\" border=\"0\" role=\"note\">\r\n<tbody>\r\n<tr>\r\n<td width=\"5%\" class=\"olh_note\" role=\"heading\" border=\"0\" valign=\"top\">\r\n<img src=\"https://www.cisco.com/c/dam/en/us/td/i/esp/icons/icon-notes.svg\">\r\n<br> </td>\r\n<td border=\"0\" class=\"olh_note\">\r\n<div class=\"note__content\"> You cannot add an application to an existing tenant. If you have an existing Microsoft\r\n        365 tenant that uses one or two of these applications and you wish to add another\r\n        application to that tenant, you must first revoke authorization for the existing tenant,\r\n        then create a new tenant using all the desired applications.</div>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n</p>\r\n<section id=\"section_lkw_q5n_q3c\" class=\"section\">\r\n<h2 class=\"title sectiontitle\">Limitations</h2>\r\n<ul id=\"ul_byd_s5n_q3c\" class=\"ul\">\r\n<li class=\"li\">A tenant the fails to authenticate cannot be deleted.</li>\r\n<li class=\"li\">Secure Access Cloud Malware attempts to quarantine a file will fail if that file has been locked by Microsoft 365. This may occur if Microsoft 365 Advanced Threat Protection (ATP) has detected malware in the file. In such a case, the lock placed by ATP take precedence over Umbrella's ability to detect or remediate DLP violations in malware.</li>\r\n</ul>\r\n</section>\r\n</div>\r\n</article>\r\n","ditaVal":"","format":"html"},"bookTitle":{"value":""},"shortDescription":{"value":""}}},"parameters":{"appId":"SecureAccess","topicAlias":"o365-malware"}}