Configure general settings for the following:

  • Enable or disable real-time scanning

  • Enable or disable RMS-protected file scanning

  • Specify the policy name

  • Specify the policy description

  • Specify the policy priority value

  • Select targets that the policy affects

Configuring General Settings

  1. Select General.
  2. Optionally enable real-time scanning.

    See Real-time Scan.

  3. Optionally enable RMS-protected file scanning.
    • This option only appears when an RMS account is created on Cloud App Security management console. To enable Cloud App Security to scan RMS-protected files and keep detailed logs, select this check box.

    • This option works for SharePoint Online, OneDrive, and Microsoft Teams (Teams).

    • This option applies independently of Enable Real-time Scanning and does not affect other rules configured for the policy.

  4. (Exchange Online only) Optionally select not to scan email messages in users' Junk Email folder during real-time and manual scanning.
  5. Specify a policy name and description.
  6. Specify the policy's priority value.

    Priority is assigned numerically, with "1" being the highest priority. The lower the priority value, the higher the priority. Its value ranges from 1 to 99999.

  7. In the Available Targets area, select one or multiple targets, and then click the arrow button to add them to the Selected Targets area.
    Option Description

    Exchange Online

    Users and groups in your company's Active Directory infrastructure

    SharePoint Online

    SharePoint sites in your company


    Users and groups in your company that have OneDrive sites

    Microsoft Teams

    Teams in your company

    Teams Chat

    Users and groups in your company's Active Directory infrastructure

    Box, Dropbox

    Users and groups in your company

    Google Drive

    Users and organization units in your company


    Users and groups in your company


    For ATP policies:

    • Chatter, Community, Cases, and Attachments

    • Profiles in your company

    For DLP policies:

    • All packaged, standard, and custom objects

    • Profiles in your company

    Cloud App Security monitors update to the specified object records by the users that belong to the specified profiles.

    Click Click here to resynchronize the list if the target to add is not found.


    You can select a policy configuration on the left navigation to continue with additional rules as necessary.