Views:
When your Microsoft 365 services leverage Microsoft Information Protection (MIP) to protect sensitive information, the files or email messages in the services may become encrypted and not accessible to Cloud App Security.
To extend protection to MIP encrypted content, grant Cloud App Security required permissions by using the following service account.
Account
Available Protection
MIP account
  • For Exchange Online email messages: decrypt messages for scanning and apply actions based on the sensitivity labels on messages
  • For files in SharePoint Online, OneDrive, Microsoft Teams (Teams), and Microsoft Teams (Chat): decrypt files for scanning, apply or remove sensitivity labels, and apply actions based on the sensitivity labels on files
    Note
    Note
    For Microsoft Teams (Chat), Cloud App Security currently does not support applying or removing sensitivity labels.
    The protection is available for the following file types:
    • Microsoft Word: docm, docx, dotm, and dotx
    • Microsoft Excel: xlam, xlsm, xlsx, and xltx
    • Microsoft PowerPoint: potm, potx, ppsx, ppsm, pptm, and pptx
    • PDF: pdf
    • Text: txt