Overview
As part of your insider risk detection strategy, allowing Incydr to access your email services enables you to capture information about the attachments that your users email to other recipients.
See the articles listed below to learn how to authorize Incydr to start capturing metadata from your email service.
Considerations
- Your product plan must include at least one email service. If your license expires, the email connection is deauthorized within 24 hours. If you need assistance with licensing, contact your Customer Success Manager (CSM). If you do not know your CSM, please contact our Technical Support Engineers.
-
To connect to the email service, you must have the appropriate permissions in the email service as well as in Incydr.
- Gmail: You must be a Google Workspace administrator with a Super Admin role to authorize the connection to Incydr
- Microsoft Office 365: You must be a global administrator in Office 365 to authorize the connection to Incydr
-
Incydr only monitors email attachments. Email message content is not accessed, monitored, or changed.
Supported email service vendor plans and licenses
Incydr can only connect to your cloud storage environment when supported by that vendor's plan or license.
| Gmail | Microsoft Office 365 |
|---|---|
Follow the instructions in the articles linked below to connect your email environment to Incydr.
Once authorized, Incydr captures file and message information about all attachments that are emailed through your organization's environment from that point forward. Incydr can monitor all user email accounts, only specific user email accounts, or only the user email accounts that are in specific groups.
When new users are added to your organization's environment, information about the attachments they email also becomes available in Forensic Search automatically.
Comments
Please sign in to leave a comment.