To protect users from advanced threats and to prevent data loss, Cloud App Security searches for security risks and undesirable data sent through email or saved in cloud storage by performing real-time scanning on files in supported cloud applications, including Exchange Online, SharePoint Online, OneDrive for Business, Box, Dropbox, Google Drive, and Gmail.
For email services, scanning occurs when an email message arrives at a protected mailbox.
For the other cloud applications, scanning occurs when a user uploads, creates, synchronizes, or modifies a file.
Through a cloud service connector, Cloud App Security scans email messages in protected mailboxes and files in protected cloud storage. Upon detecting malicious or undesirable content, Cloud App Security automatically takes action against the email or file according to scanning policies. Configure policies to scan specific targets and then take certain action or send a notification based on the security risk.
Cloud App Security adopts an API-based architecture rather than a proxy-based architecture to provide advanced protection. It starts scanning when an email message arrives at a protected mailbox or a file is saved to cloud storage. This unique API-based architecture guarantees that Cloud App Security has "zero impact" on your email message delivery or file sharing as well as commitments defined in your service level agreements.