Views:
To protect users from advanced threats and to prevent data loss, Cloud Email and Collaboration Protection searches for security risks and undesirable data sent through email services, or saved in cloud storage applications by performing real-time scanning on files in supported cloud applications and services, including Exchange Online, SharePoint Online, OneDrive, Microsoft Teams, Box, Dropbox, Google Drive, and Gmail.
Cloud Email and Collaboration Protection starts scanning when an email message arrives at or is sent from a protected mailbox, a file is saved to a cloud storage application or shared to a Microsoft Teams channel, or a private Teams chat message is sent. This unique API-based architecture guarantees that Cloud Email and Collaboration Protection has "zero impact" on your email or chat message delivery or file sharing as well as commitments defined in your service level agreements.
Note
Note
In addition to API-based Protection, Cloud Email and Collaboration Protection also provides the option of Inline Protection for email services to block security risks before they can affect your organization. For details, see Protection modes for email services.
After you grant Cloud Email and Collaboration Protection access to a cloud application or service, Cloud Email and Collaboration Protection scans the content in the application or service based on your enabled policies. Cloud Email and Collaboration Protection provides default policies and allows you to create new policies. Upon detecting malicious or undesirable content, Cloud Email and Collaboration Protection automatically takes action against the email, file, or chat message based on the scanning result.
The following illustrates how Cloud Email and Collaboration Protection works.
Cloud_App_Security_Architecture_Diagram=GUID-0E7ABDAE-BABD-4D7A-962D-2C38275A7740=11=en-us=Low.png