The Microsoft Teams Integration for 1Protection.AI is designed to monitor and manage sensitive data shared within Teams conversations. This integration introduces an observer mechanism that scans messages after they are sent, identifying violations and deleting messages if configured to do so. By deploying this integration, organizations can enforce data security policies and prevent accidental sharing of sensitive information.
Configuring the Teams Integration
Before utilizing the Teams Integration, administrators must configure it within the 1Protection.AI platform. The process aligns with standard integration steps outlined in the Integration Setup Guide. Additionally, the integration requires policies to function, which can be created by following the steps in the Policy Guide.
To ensure the Teams Integration operates effectively, further configuration is required within Microsoft Entra ID. This involves setting up two essential components – the Watcher App and the Editor App. These applications function as the backbone of the integration, allowing message monitoring and deletion based on policy violations.
Watcher and Editor Apps Overview
Watcher App – Monitors Teams messages for sensitive information.
Editor App – Deletes messages that violate policy settings.
Both applications must be registered in Microsoft Entra ID as Business Applications to function properly.
Watcher App Setup
Register the Watcher App
Open the Azure Portal and navigate to Entra ID.
Go to App registrations and click + New Registration.
Enter the application name as Watcher and complete the registration.
Add API Permissions
Once registered, go to the API permissions section.
Add the following Microsoft Graph permissions:
ChannelMessage.Read.AllChat.Read.AllUser.Read.All
Note: These permissions require admin approval.
Create Client Secret
Navigate to the Certificates & secrets section.
Create a new client secret and save the Application ID and Client Secret.
Configure in 1Protection.AI
In 1Protection.AI, go to the Settings page.
Enter the Application ID and Client Secret in the Watcher section.
Editor App Setup
Register the Editor App
Open the Azure Portal and navigate to Entra ID.
Go to App registrations and click + New Registration.
Enter the application name as Editor and complete the registration.
Add API Permissions
Once registered, go to the API permissions section.
Add the following Microsoft Graph permissions:
ChannelMessage.ReadWriteChat.ReadWriteUser.Read
Note:
ChannelMessage.ReadWriterequires admin approval.
Add Redirect URL
In the Authentication section, add the redirect URL:
https://teams.1protection.ai/oauth2/callback
Create Client Secret
Navigate to the Certificates & secrets section.
Create a new client secret and save the Application ID and Client Secret.
Configure in 1Protection.AI
In 1Protection.AI, go to the Settings page.
Enter the Application ID and Client Secret in the Editor section.
Deployment at Scale
Deploying the Teams Integration at scale ensures uniform protection across all Teams environments. Larger organizations are encouraged to distribute the integration across all clients using enterprise deployment tools. Since organizational setups vary, it is advisable to work closely with the IT department to ensure proper configuration.
Assistance and Support
Given the complexity of setting up the Teams Integration, we strongly recommend consulting with our team before beginning the process. Our specialists are available to guide you through each step, ensuring a smooth and secure deployment that aligns with your organizational needs.
For further assistance, please contact our support team. We are committed to helping you configure the Teams Integration effectively and ensuring all components function as intended.