The first step in setting up Egnyte Protect is to add one or more Content Sources that you wish to monitor. The more sources you add, the more secure your content will be. You can add Cloud and On-premises Content Sources, so no matter where your data is located, it will be monitored. We'll walk you through how to add a Cloud Content Source for Egnyte and OneDrive for Business in this article.

Add Cloud Content Source

Egnyte Connect

  1. From the home page, select Settings, click Add Cloud Source, and select Egnyte Connect to begin.

    Screen_Shot_2020-07-21_at_3.19.02_PM.png
  2. Click Next.

    EP_-_next.png

    To add Egnyte Connect, you must be set up with Admin credentials in Egnyte Connect.

  3. Enter your Egnyte Connect domain name and click Next.

    EP_-_domain.png

  4. Authenticate as an Admin User in the Egnyte Connect login window that pops up. Egnyte Protect will access the Egnyte Connect domain as this user. Click Continue in the popup window after authenticating.

    We suggest that you create a dedicated Admin account within the domain for use by Egnyte Protect. Using a distinct account will ensure that access by Egnyte Protect is segregated within audit reports for the domain.

  5. Specify a source name or use the default option and click Next.
  6. Choose any folder paths you wish to exclude within the source from scanning. If you want to exclude a path, just click on the corresponding checkbox. The checkmark will turn to a red X, indicating that the path, and all sub-folders, are excluded. Egnyte Protect won't access any folders or their content under these paths. Click Finish to save your selection.

    By excluding folder paths, no issues or sensitive content will be detected within these paths. For full coverage, we recommend that you do not exclude paths. You can change this configuration at any time after adding the source.

    EP_-_folder_paths.png
  7. Your newly added source will appear in the Cloud Content Sources list as below.

    EP_-_new_cloud_source.png

Scanning for the access control issue begins immediately. Issues will appear within the Issues tab as they are found. You will receive a summary email outlining all issues found within the source once the initial scan of the source has completed. After the initial scan, the source will be continuously monitored for new issues and any updates to existing issues.

 

OneDrive for Business

  1. From the home page, select Settings, click Add Cloud Source, and select OneDrive for Business.

    Screen_Shot_2020-07-21_at_3.19.02_PM.png
  2. Click Next.

    Ep_-_onedrive.png

    You must have Global Administrator credentials with OneDrive for Business to add it as a source.

  3. Enter your OneDrive or Microsoft Office 365 login credentials and click Next.

    If you're already logged into OneDrive or Microsoft Office 365, select the appropriate account from the list and enter your password.

  4. Specify a source name or use the default option and click Next.
  5. Your newly added source will appear in the Cloud Content Sources list.

 

Google Drive

  1. Ensure you use a G Suite account that is a Super Admin for the following steps
  2. Open your Google Cloud Console and set up a new project or using an existing project for the following steps
    2.png

  3. Navigate to IAM & Admin > Service Accounts and create a new service account in the project.
    3.png
  4. Click the email address of the service account and take note of the Email and Unique ID field, and - you will need to enter this when you set up Google Drive as a source.
    4.png

  5. Choose EDIT at the top of the Service account details screen if you're not already in edit mode. Navigate to the Service account status section, click SHOW DOMAIN-WIDE DELEGATION, and enable Domain-wide Delegation. Note that the checkbox will be disabled if you don't choose EDIT first. If the checkbox is still not enabled, you can move through the remaining steps in this guide, and wait up to 24 hours (for the settings described in step 10 to take hold) to enable Domain-wide Delegation.

    7-2.png
  6. On the same screen, click ADD KEY > Create new key.
    5.png

  7. Choose the option to create a P12 key. A key will be downloaded to your machine that will be used later.
    6.png
  8. Find APIs & Services in the Google Cloud Console and choose the option to ENABLE APIS AND SERVICES.
    7.png

  9. Find and enable the Google Drive API and Admin SDK.
    8-1.png8-2.png
  10. Sign in to the G Suite admin console as a super admin and navigate to Security > API Controls and choose the option to MANAGE DOMAIN WIDE DELEGATION and select the option to Add new
    mceclip0.png

  11. Add an entry with the client id set to the Unique ID of the service account from step 4 and set OAuth Scopes to the following value and click AUTHORIZE:
    https://www.googleapis.com/auth/drive.readonly,https://www.googleapis.com/auth/admin.directory.user.readonly,https://www.googleapis.com/auth/admin.directory.group.member.readonly,https://www.googleapis.com/auth/admin.directory.domain.readonly
    After this, you should see the client in the list of API Clients: mceclip2.png
    mceclip4.png
  12. Log in to your Egnyte Protect Dashboard, select Settings, click Add Cloud Source, and select Google Drive. Enter the following information and choose the option to Register:
    - Source label: Desired label for your source
    - Service account email: Email from step 4
    - Service account user: Email address of your G Suite super admin account
    - File with private key: Select the P12 private key that was downloaded during step 6
  13. Your newly added source will appear in the Cloud Content Sources list.

Box Storage

  1. From the home page, select Settings, click Add Cloud Source, and select Box Storage.Screen_Shot_2020-07-21_at_3.19.02_PM.png
  2. Enter the desired label for the source and click on Register.screen-1.png
  3. Enter the email address and password to your Box Admin account.screen-2.png
  4. Click on Grant Access to Box for Egnyte to access files stored in your Box storage.screen-3.png
  5. Again, click on Allow Access for Egnyte's Box app to register your Box storage within Egnyte.screen-4.png
  6. Your newly added source will appear in the Cloud Content Sources list.

Microsoft Azure Storage

  1. From the home page, select Settings, click Add Cloud Source and select Microsoft Azure Storage.
    mceclip0.png
  2. Click on Access Key and enter your Azure Account Name and Account Key. If you don't already have these details, then refer to this article to view account access key. Then click on Register.

    Screen-1.png
  3. Click on Allow Access for Egnyte to access the content of your Azure Storage.screen-3.png
  4. Your newly added source will appear in the Cloud Content Sources list.

Amazon S3 Storage

  1. From the home page, select Settings, click Add Cloud Source, and select Amazon S3 Storage.

    Screen_Shot_2020-07-21_at_3.19.02_PM.png

  2. Enter the desired label for the source along with details about like S3 Identity (Access Key ID) and S3 Secret (Secret Access Key). If you don't already have an Access Key ID or the Secret Access Key, then refer to this article to create one.

    Screen_Shot_2020-07-21_at_4.52.01_PM.png

  3. Click on Allow Access for Egnyte to access the content of your Amazon S3 storage.Screen-2.png

  4. Your newly added source will appear in the Cloud Content Sources list.

Add Additional Sources

To add additional Cloud Sources, simply click Add Cloud Source again and follow the related steps. If you wish to add on-premise SharePoint or Windows File Server sources, check out this article or contact Egnyte Support for assistance.