The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Cisco does not physically accept your Microsoft 365 credentials, nor do we cache or store the Global Admin's credentials. Secure Email Threat Defense redirects you to Microsoft's Azure application registration process so it can issue an authentication token for Microsoft's APIs. Only a Global Admin can authorize this token.
For more information, refer to the Microsoft documentation for a discussion of admin rights for applications: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/grant-admin-consent/
For Microsoft 365 Authentication mode, Secure Email Threat Defense requests access permissions from Microsoft. These permissions depend on whether you choose Read/Write or Read mode. Details about the permissions can be found in the linked Microsoft documentation.
Both Microsoft Authentication modes request: Organization.Read.All and User.Read
■ https://learn.microsoft.com/en-us/graph/permissions-reference#organizationreadall
■ https://learn.microsoft.com/en-us/graph/permissions-reference#userread
Read/Write mode requests: Mail.ReadWrite
■ https://learn.microsoft.com/en-us/graph/permissions-reference#mailreadwrite
■ https://learn.microsoft.com/en-us/graph/permissions-reference#mailread
A minimal Cisco Secure Malware Analytics (formerly Threat Grid) account is created as part of the Secure Email Threat Defense account creation process. The new Malware Analytics account is not linked to any existing Malware Analytics account you may have. You do not need to take any action on the Malware Analytics account to set up Secure Email Threat Defense.
Your journal address is shown on the Secure Email Threat Defense setup page. If you need to find it after your initial setup, you can locate it on the Administration > Business page in the Account section.
If you try to register a tenant that has previously been registered to a different Secure Email Threat Defense account, your authorization will fail. Secure Email Threat Defense does not allow multiple accounts with the same Microsoft tenant ID.
Data is kept according to the Cisco Secure Email Threat Defense Privacy Data Sheet.
A user can access multiple Secure Email Threat Defense instances using the same Security Cloud Sign On account. This makes it easier to keep track of each instance without having to log out and log back in with a separate account.
Add the user to additional instances by creating a new user from Administration > Users page. Secure Email Threat Defense accounts using the same Security Cloud Sign On will be available from their User menu. Note that this access is limited to Secure Email Threat Defense accounts in the same region.