To protect users from advanced threats and to prevent data loss, Cloud App Security searches for security risks and undesirable data sent through email or saved in cloud storage by performing real-time scanning on files in supported cloud applications, including Exchange Online, SharePoint Online, OneDrive for Business, Box, Dropbox and Google Drive.
For email services, scanning occurs when an email message arrives at a protected mailbox.
For other cloud applications, scanning occurs when a user uploads, creates, synchronizes, or modifies a file.
Through a cloud service connector, Cloud App Security scans email messages in protected mailboxes and files in protected site collections. Upon detecting malicious or undesirable content, Cloud App Security automatically takes action against the file according to scanning rules. Configure policies to scan specific targets and then take certain action or send a notification based on the security risk.
Cloud App Security adopts an API-based architecture rather than a proxy-based architecture to provide advanced protection. It starts scanning when an email message arrives at a protected mailbox or a file is saved to cloud storage. This unique API-based architecture guarantees that Cloud App Security has "zero impact" on your email message delivery or file sharing as well as commitments defined in your service level agreements.