Welcome to
Help Desk

Product Updates
Training
Support
Ideas Contact Support

Add Cloud Content Sources

The initial phase of configuring Secure and Govern involves incorporating one or more Content Sources for monitoring purposes, enhancing the security of the content with each additional source. Cloud and On-premises Content Sources can be integrated, ensuring comprehensive monitoring regardless of data location. This article provides guidance on adding content sources to Egnyte Secure and Govern.

All cloud sources must be reauthorized at least once every 5 years. If they are not, the source will become disconnected until reauthorization is completed. Admin are notified via email whenever a cloud source becomes disconnected. Additionally, there are indications in several of the Secure & Govern web pages indicating a source has been disconnected (sensitive content, content lifecycle and the content source settings)

Supported Cloud Content Sources

Egnyte

  1. Access Secure and Govern from the left app picker menu.
    add cloud 1.pngadd cloud 2.png
  2. From the home page, select Settings, click Add Cloud Source and select Egnyte to begin.
    Secure and Govern_Add Content Source_1.png
  3. Click Next.
    Screen_Shot_2021-02-25_at_12.53.24_PM.png

    To add an Egnyte source, it's necessary to have Admin credentials in Egnyte Collaborate.

  4. Enter the Egnyte domain name and click Next.
    Screen_Shot_2021-02-25_at_12.35.17_PM.png
  5. Authenticate as an Admin User in the Egnyte login window that pops up. Egnyte Secure & Govern will access the Egnyte domain as this user. Click Continue in the popup window after authenticating.
    cloud content 1.png

    We recommend creating a dedicated Admin Service Account within the domain for Egnyte Secure & Govern. Using a distinct account will ensure that access by Egnyte Secure & Govern is segregated within audit reports for the domain.

  6. Click here for steps to create an Admin Service Account. When creating the Admin Service Account, remember to add  Secure & Govern to the username as it will help to easily separate actions taken via Secure & Govern.
  7. Specify a source name or use the default option and click Next.
  8. Users can select any folder paths they wish to exclude within the source from scanning. If a path needs exclusion, they can click on the corresponding checkbox. The checkmark will then transform into a red X, signifying the exclusion of the path and all sub-folders. Under these paths, Egnyte Secure & Govern will refrain from accessing any folders or content. Finally, users can click Finish to save their selection.

    By excluding folder paths, issues or sensitive content within these paths won't be detected. For comprehensive coverage, it's recommended not to exclude paths. However, Admin can modify this configuration at any time after adding the source.


    EP_-_folder_paths.png
  9. Newly added source will appear in the Cloud Content Sources list below.
    EP_-_new_cloud_source.png

The access control issue scan starts right away. As issues are discovered, they'll show up in the Issues tab. Once the initial scan finishes, Admin will get an email summary of all found issues. After that, the source will be constantly monitored for new and updated issues.

OneDrive for Business and SharePoint Online

  1. From the home page, select Settings, click Add Cloud Source, and select Microsoft.
    Secure and Govern_Add Content Source_1.png
  2. Click Next.
    Ep_-_onedrive.png

  3. Specify a source name or use the default option and click Next.
    Add cloud 1.png

    User must have Global Administrator credentials with OneDrive for Business to add it as a source.

  4. Enter OneDrive or Microsoft Office 365 login credentials and click Next.

    If the user is already logged into OneDrive or Microsoft Office 365, select the appropriate account from the list and enter the password.

  5. Accept the Permissions Requested.
    add cloud 2.png
  6. Select whether or not to configure Microsoft Exchange, then click Next.
    add cloud 3.png
  7. Select the groups for Secure & Govern to scan and click Save.
    add cloud 5.png
  8. Select the SharePoint Online sites for Secure & Govern to scan, then click Save.
    add cloud 4.png
  9. Users can modify the Groups and Sites configuration at any time via the Content Source settings.
    add cloud 6.png
  10. Choose whether to configure Permissions Management or configure it later and then click Next.
    add cloud 7.png

    Permissions Management needs to be configured to view permissions and detect new issues in Secure & Govern

  11. Newly added source will appear in the Cloud Content Sources list.

Exchange Online

Egnyte Secure & Govern allows the classification of content from emails and attachments within the Exchange Online server. Users can set up access to Exchange Online by adding Microsoft/Office 365 as a source and completing an additional optional step.

Click here for more details on adding Exchange Online as a content source.

Google Drive and Gmail

Click here for more details on adding Google Drive and Gmail as content sources.

Microsoft Azure Storage

  1. From the home page, select Settings, click Add Cloud Source and select Microsoft Azure Storage.
    mceclip0.png
  2. Click on Access Key and enter the Azure Account Name and Account Key. If the necessary details are unavailable, refer to this article to view the account access key. Then proceed by clicking on Register.
    Screen-1.png
  3. Click on Allow Access for Egnyte to access the content of Azure Storage.screen-3.png
  4. Newly added source will appear in the Cloud Content Sources list.

Microsoft Azure Files

  1. From the home page, select Settings, click Add Cloud Source and select Microsoft Azure Files.
    Screenshot 2023-10-09 at 12.32.01 PM.png
  2. Click on Access Key and enter the Azure Account Name and Account Key. If the necessary details are unavailable, refer to this article to view the account access key. Then proceed by clicking on Register.
    Screenshot 2023-10-09 at 12.32.12 PM.png
  3. Click on Allow Access for Egnyte to access the content of Azure Storage.
    Screenshot 2023-10-09 at 12.32.39 PM.png
  4. Newly added source will appear in the Cloud Content Sources list.

Amazon S3 Storage

  1. Establish permissions for the S3 identity or user intended to establish the connection between Egnyte and Amazon S3. These permissions can apply to all buckets or specific ones intended to be linked with Egnyte, but the permissions must match.
  2. From the home page, select Settings, click Add Cloud Source, and select Amazon S3 Storage.
    Secure and Govern_Add Content Source_8.png
  3. Enter the desired label for the source and details like S3 Identity (Access Key ID) and S3 Secret (Secret Access Key). If an Access Key ID or Secret Access Key is not already available, refer to this article to create one.
    Screen_Shot_2020-07-21_at_4.52.01_PM.png
  4. Click on Allow Access for Egnyte to access the content of Amazon S3 storage.
    Screen-2.png

  5. Newly added source will appear in the Cloud Content Sources list.

Egnyte will not be able to access any S3 buckets that do not conform to the current AWS naming conventions listed here - Bucket naming rules - Amazon Simple Storage Service

Dropbox Storage

Connecting Dropbox storage requires a minimum of a Dropbox Business account. Personal Dropbox accounts cannot be connected

  1. From the home page, select Settings, click Add Cloud Source, and select Dropbox Storage.
    Secure and Govern_Add Content Source_8.png
  2. Enter the desired label for the source and click on Register.
    Screen_Shot_2021-05-19_at_2.08.14_PM.png
  3. Click on Allow Access for the Dropbox Connector to access Egnyte.
    Screen_Shot_2021-05-19_at_2.08.39_PM.png
  4. Enter the email address and password to the Dropbox Admin account.
    Screen_Shot_2021-05-19_at_2.09.09_PM.png

  5. Newly added source will appear in the Cloud Content Sources list.

Box Storage

Create a Box Application

  1. Log into the Box Developer console: https://app.box.com/developers/console
  2. Select My Apps and then Create New App.
    Cloud content sources - box - Create naw app.png
  3. Select Custom App.
    Cloud content sources - box - select custom app.png
  4. Fill in the details in step 1 of 2:
    • App Name - can be anything but should identify what the app is for (i.e. Egnyte App).
    • Description - optional.
    • Purpose - select Automation.
    • Who - select Customer.
    Cloud content sources - box - config step 1 of 2.png
  5. Select User Authentication in step 2 of 2.
    Cloud content sources - box - config step 2 of 2.png
  6. On the Configuration page for the app that pops up after the previous step, copy the Client ID and Client Secret. These will be needed to connect to Engyte.
    Cloud content sources - box - copy client ID and secret.png
  7. Fill in the Redirect URI.  The URI should be (depending on the Egnyte region):
    1. US: https://usc1.egnyteprotect.com/connectors/box-connector/sources/connect 
    2. Europe: https://euw1.egnyteprotect.com/connectors/box-connector/sources/connect 

    Cloud content sources - box - add redirect URI.png
  8. Mark permission scopes:
    1. Permissions required are:
      1. Read all files and folders stored in Box.
      2. Write all files and folders stored in Box.
      3. Manage users.
      4. Manage groups.
      5. Manage enterprise properties.
      6. In addition to the above, a special permission is needed:
        1. admin_on_behalf_of
          Note: This has to be requested via contacting Box Support.

    Cloud content sources - box - assign permissions.png
  9. Save changes.

Register the Box source in Egnyte Secure & Govern

  1. Navigate to Egnyte Secure & Govern -> Settings. The user will be taken to the Cloud Sources page.
  2. Select Add Cloud Source and then select Box from the list of source types.
  3. Enter an App name (this will be what the source is called in the S&G UI).
  4. Fill in the Redirect URI (the same URI that was used in the Box application configuration).
  5. Fill in the Client ID and Client Secret that was saved from the Box application page.
    Cloud content sources - box - Register box source.png
  6. When redirected to the Box OAuth grant request, click the Grant access to Box button.
        Cloud content sources - box - grant access to box.png
  7. The success page should confirm registration. The list of sources on the Content Sources page should now include the Box source.
    Cloud content sources - box - source has been connected.png
    Cloud content sources - box - content souce added.png

Box FAQ:

Is it possible to use the same client ID and client secret to register another Box source? 

Yes, but if that is done all the requests with this client ID will be counted by Box against the same single quota for the number of API requests, and the quota will be depleted sooner consequently.

How does the Egnyte connection to Box affect my Box account?

Egnyte uses the Box API to retrieve files and information from the Box source and those API calls will count against the Box quota. The number of API calls that are made can vary widely depending on the amount of data in the Box source and the structure of the data (i.e. many top-level folders or few top-level folders). 

See https://www.box.com/pricing for more information on API costs and  https://developer.box.com/guides/api-calls/permissions-and-errors/rate-limits/ for API rate limitations. For any other questions, contact your Box account manager.

 

Add Additional Sources

Click Add Cloud Source again and follow the related steps to add additional Cloud Sources. If adding on-premise SharePoint or Windows File Server sources is desired, please refer to this article or reach out to Egnyte Support for assistance.

Was this article helpful?
0 out of 0 found this helpful

For technical assistance, please contact us.