-->
- Microsoft 365 Cloud Email
- Microsoft 365 Cloud Backup
- Microsoft 365 Cloud Print
- Microsoft 365 Cloud Backup
Microsoft 365 Your productivity cloud across work and life. Make smarter decisions with Microsoft Dynamics 365 for Operations—the cloud enterprise resource planning (ERP) solution that’s built for Microsoft Azure. Reimagine the way you work with Microsoft 365 and Microsoft Teams Chat, call, host online meetings, and collaborate in real time, whether you’re working remotely or onsite. Get one integrated solution including Teams, OneDrive cloud storage, and Office apps with advanced security options—at a price that’s right for your business.
This article provides instructions for connecting Microsoft Cloud App Security to your existing Office 365 account using the app connector API. This connection gives you visibility into and control over Office 365 use. For information about how Cloud App Security protects Office 365, see Protect Office 365.
Cloud App Security supports the legacy Office 365 Dedicated Platform as well as the latest offerings of Office 365 services (commonly referred as the vNext release family of Office 365). Cloud App Security doesn't support the Legacy Microsoft Business Productivity Online Standard Suite (BPOS).
Note
In some cases, a vNext service release differs slightly at the administrative and management levels from the standard Office 365 offering.
Cloud App Security supports the following Office 365 apps:
- Dynamics 365 CRM
- Exchange (only appears after activities from Exchange are detected in the portal, and requires you to turn on auditing)
- Office
- OneDrive
- Power Automate
- Power BI (only appears after activities from Power BI are detected in the portal, and requires you to turn on auditing)
- SharePoint
- Skype for Business
- Teams (only appears after activities from Teams are detected in the portal)
- Yammer
Note
Cloud App Security integrates directly with Office 365's audit logs and receives all audited events from all supported services, such as PowerApps, Forms, Sway, and Stream.
How to connect Office 365 to Cloud App Security
Note
- You must have at least one assigned Office 365 license to connect Office 365 to Cloud App Security.
- To enable monitoring of Office 365 activities in Cloud App Security, you are required to enable auditing in the Office Security and Compliance Center.
- Exchange administrator audit logging, which is enabled by default in Office 365, logs an event in the Office 365 audit log when an administrator (or a user who has been assigned administrative privileges) makes a change in your Exchange Online organization. Changes made using the Exchange admin center or by running a cmdlet in Windows PowerShell are logged in the Exchange admin audit log. For more detailed information about admin audit logging in Exchange, see Administrator audit logging.
- Exchange Mailbox audit logging must be turned on for each user mailbox before user activity in Exchange Online is logged, see Exchange Mailbox activities.
- If Office apps are enabled, groups that are part of Office 365 are also imported to Cloud App Security from the specific Office apps, for example, if SharePoint is enabled, Office 365 groups are imported as SharePoint groups as well.
- You must enable auditing in PowerBI to get the logs from there. Once auditing is enabled, Cloud App Security starts getting the logs (with a delay of 24-72 hours).
- You must enable auditing in Dynamics 365 to get the logs from there. Once auditing is enabled, Cloud App Security starts getting the logs (with a delay of 24-72 hours).
- If your Azure Active Directory is set to automatically sync with the users in your Active Directory on-premises environment the settings in the on-premises environment override the Azure AD settings and use of the Suspend user governance action is reverted.
- For Azure AD sign-in activities, Cloud App Security only surfaces interactive sign-in activities and sign-in activities from legacy protocols such as ActiveSync. Noninteractive sign-in activities may be viewed in the Azure AD audit log.
- Multi-geo deployments are only supported for OneDrive
In the Connected apps page, click the plus button and select Office 365.
In the Office 365 pop-up, click Connect Office 365.
In the Office 365 components page, select the options you require, and then click Connect.
Note
- For best protection, we recommend selecting all Office 365 components.
- The Office 365 files component, requires the Office 365 activities component and Cloud App Security file monitoring (Settings > Files > Enable file monitoring).
After Office 365 is displayed as successfully connected, click Close.
Note
After connecting Office 365, you will see data from a week back including any third-party applications connected to Office 365 that are pulling APIs. For third-party apps that weren't pulling APIs prior to connection, you see events from the moment you connect Office 365 because Cloud App Security turns on any APIs that had been off by default.
If you have any problems connecting the app, see Troubleshooting App Connectors.
Next steps
If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.
-->These cloud architecture posters give you information about Microsoft cloud services, including Microsoft 365, Azure Active Directory (Azure AD), Microsoft Intune, Microsoft Dynamics 365, and hybrid on-premises and cloud solutions.
IT decision makers and architects can use these resources to determine the ideal solutions for their workloads and to make decisions about core infrastructure components such as networking, identity, and security.
Microsoft cloud identity for enterprise architects
What IT architects need to know about designing identity for organizations using Microsoft cloud services and platforms.
| Item | Description |
|---|---|
View as a PDF | Download as a PDF | Download as a Visio Updated August 2020 | This model contains:
|
Microsoft 365 Cloud Email
Microsoft cloud networking for enterprise architects
What IT architects need to know about networking for Microsoft cloud services and platforms.
| Item | Description |
|---|---|
View as a PDF | Download as a PDF | Download as a Visio Updated August 2020 | This model contains:
|
Microsoft hybrid cloud for enterprise architects
What IT architects need to know about hybrid cloud for Microsoft services and platforms.
| Item | Description |
|---|---|
View as a PDF | Download as a PDF | Download as a Visio Updated August 2020 | This model contains:
|
Microsoft 365 Cloud Backup
Architecture approaches for Microsoft cloud tenant-to-tenant migrations
This series of topics illustrates several architecture approaches for mergers, acquisitions, divestitures, and other scenarios that might lead you to migrate to a new cloud tenant. These topics provide starting-point guidance for enterprise resource planning.
| Item | Description |
|---|---|
PDF | Visio Updated October 2020 | This model contains:
|
Microsoft cloud security for enterprise architects
Note
This model is being revised. Please check this article in the future for the updated version.
Common attacks and Microsoft capabilities that protect your organization
Microsoft 365 Cloud Print
Learn about the most common cyber attacks and how Microsoft can help your organization at every stage of an attack.
Microsoft 365 Cloud Backup
| Item | Description |
|---|---|
PDF | Visio Updated August 2017 | This poster illustrates the path of common attacks and describes which capabilities help stop attackers at each stage of an attack. |