SHIELD DRM Preparation Requirements
Customer Preparation 1 | Microsoft Admin Rights and Licenses
-
Permission required for signing up for the Security365 Portal and using the service:
- When signing up for the Security365 Portal, administrative privileges are required to use the service.
- A global administrator or an administrator account with specific permissions assigned with a **Microsoft License (recommended E3)** is required.
[Required Microsoft Administrative Privileges]
- Global Administrator or
- If you cannot receive global admin privileges, you need permissions for 'Privileged Role Administrator', 'Cloud Application Administrator', 'Office Apps Administrator', 'Teams Administrator', and 'SharePoint Administrator'.
[MSHow to Check Administrator Permissions]
Portal.azure.comLog in with the administrator account **> Azure Active Directory > **Users **> **Search for and select the administrator account **>Select Assigned Role
Customer Preparation 2 | Microsoft AIP Label Verification
-
Check and Create AIP Labels:
-
When converting to AIP documents in SHIELD DRM, the AIP labels created/used by the client company are required.
-
If the AIP label has not been created,Microsoft Compliance CenterLog in with the administrator account and create a label in the [Information Protection] – [Label] menu.
-
****Creating a LabelClick the button to generate the sensitivity label..
-
(Administrators who can set labels are ‘Global Administrator’ or ‘Compliance Administrator’ You must have permission..)
-
Creating labels, publishing, and updating policies may take 4 to 8 hours to reflect for users.
- For detailed label creation and publishing methodsMicrosoft LearnYou can check it at.
-
Customer Preparation 3 | Confirm Tenant Name
-
Check Tenant Name in Azure Portal:
- Azure PortalThe name written before '.onmicrosoft.com' in the 'Custom Domain Name' menu is the [Tenant Name].
- Example)
security365demo.onmicrosoft.cominsecurity365demoThis is the tenant name.
Customer Preparation 4 | Security365 Portal Membership Registration and Settings
-
Adding and Configuring Users in the Security365 Portal:
- Add Microsoft users through the 'User Synchronization' menu on the user management page.
- Only users registered with Microsoft can be added, and all users within the organization are automatically added.
- We are working on improving the functionality to allow only group users to be synchronized through the AD policy group.
Customer Preparation 5 | Firewall Allowance
-
Service Configuration/Operation Related Allowed Processing URL:
Product Classification URL Usage User Firewall Administrator Firewall Note Common login.security365.com Integrated Authentication Service O O Common login.security365.com Integrated Authentication Service O O Common login.security365.com Integrated Log Transmission O O Common portal.security365.com Security365 Management Center Page (Front) X O Common spsvr.security365.com Security365 Management Center Page (Backend) X O SHIELD DRM SHIELD DRM.security365.com SHIELD DRM Admin Page (Front) X O SHIELD DRM ssevtr.security365.com SHIELD DRM User/Admin Backend Service O O SHIELD DRM skms.security365.com SHIELD DRM Admin Page - Backend Service for Retrieving Encryption Keys X O SHIELDrive shieldrive.security365.com SHIELDrive User/Admin Page (Front) O O Exclusion when SHIELDrive is not used SHIELDrive webdav.security365.com File Upload/Download Used in SHIELDrive O O Exclusion when SHIELDrive is not used SHIELDrive dms.security365.com Document web viewer service used in SHIELDrive O X When SHIELDrive is not in use, 제outside *Microsoft365 Service Usage Service URLIt must be allowed by the client company itself..
*****SHIELD DRMfor customers using __PH_0__, If on the client side Web Access Not allowed If there is a policy, partially sklogin.security365.com Permission may be required.