To start scanning emails using Aware by Securly you would need to create a new journal rule in Exchange that would forward emails to the Aware engine.
Before you begin the setup please ensure that you have an Exchange Online license. with at least an E5 or A3 tenancy. It is not possible to set up journaling rules if you have a free tenancy.
To set up Aware:
- Login to https://admin.microsoft.com with your Admin credentials.
- Navigate to Microsoft Purview view & then scroll down to Data Lifecycle management > Exchange (legacy)
- Select the Journal rules tab and then click New Rule.
- Depending upon your regional cluster use one of the following email IDs in the ‘Send journal reports to’ field. The email ID for your regional cluster will also be displayed to you on the setup screen.
US East: firstname.lastname@example.org
US West: email@example.com
EU West: firstname.lastname@example.org
US East2: email@example.com
- Input a unique name for your new journal rule in the ‘Name’ field.
- Select ‘Everyone’ for the 'Journal messages sent or received from' field.
- Select ‘All messages’ for the 'Type of message to journal’ field.
- Click Save.
This completes the technical aspect of the Aware setup in Office 365.
The Securly setup process will then ask you to provide a ‘Notification Email’ where you would receive all the email alerts that Auditor sends for flagged activities.
As a final step, a test email with disturbing content will be sent to a test email ID you provide. This test email will be displayed on your Aware activities feed indicating that Aware has been installed successfully and monitoring for flagged activity has started.
Note that Org. unit or Security group configurations do not impact the scanning of emails or alerts by Aware. Org. unit and Security group configurations are considered only for Google Drive scanning. Emails will be scanned and alerted upon irrespective of whether any Org. units or Security groups are configured.