SHIELD DRM Prerequisites
Customer Preparation 1 | Microsoft Admin Rights and Licenses
-
Permissions required for signing up for and using the Security 365 Portal:
- When signing up for the Security365 Portal, administrative privileges are required to use the service.
- A global administrator or an administrator account with specific permissions assigned with a **Microsoft license (recommended E3)** is required.
[Required Microsoft Administrative Privileges]
- Global Administrator or
- If you cannot obtain global administrator privileges, you need the permissions of 'Privileged Role Administrator', 'Cloud Application Administrator', 'Office App Administrator', 'Teams Administrator', 'SharePoint Administrator'.
[MSHow to Check Administrator Permissions]
Portal.azure.comLog in with an administrator account **> Azure Active Directory > **Users **> **Search for and select the administrator account **>Select Assigned Role
Customer Preparation 2 | Microsoft MIP Label Verification
-
Check and Create AIP Labels:
-
When converting to MIP documents in SHIELD DRM, the MIP labels created/used by the client company are required.
-
If the AIP label has not been created,Microsoft Compliance CenterLog in with an administrator account and create a label in the [Information Protection] – [Label] menu.
-
****Creating a LabelClick the button to generate the sensitivity label..
-
Administrators who can set labels ‘Global Administrator’ or ‘Compliance Manager’ You must have permission..)
-
Creating labels, publishing, and updating policies may take 4 to 8 hours to reflect for users.
- For detailed label creation and publishing methods,Microsoft LearnYou can check it at.
-
Customer Preparation 3 | Confirm Tenant Name
-
Check the tenant name in the Azure Portal:
- Azure PortalThe name written before '.onmicrosoft.com' in the 'Custom Domain Name' menu is the [Tenant Name].
- Example)
security365demo.onmicrosoft.cominsecurity365demoThis is the tenant name.
Customer Preparation 4 | Security365 Portal Membership Registration and Settings
-
Adding and Configuring Users in the Security365 Portal:
- Add Microsoft users through the 'User Synchronization' menu on the user management page.
- Only users registered with Microsoft can be added, and all users within the organization are automatically added.
- We are working on improvements to enable synchronization only for group users through the AD policy group.
Customer Preparation 5 | Firewall Allowance
-
Service Configuration/Operation Related Allowed Processing URL:
Product Classification URL Usage User Firewall Administrator Firewall Note Common login.security365.com Integrated Authentication Service O O Common login.security365.com Integrated Authentication Service O O Common login.security365.com Integrated Log Transmission O O Common portal.security365.com Security365 Management Center Page (Front) X O Common spsvr.security365.com Security365 Management Center Page (Backend) X O SHIELD DRM SHIELD DRM.security365.com SHIELD DRM Admin Page (Front) X O SHIELD DRM ssevtr.security365.com SHIELD DRM User/Admin Backend Service O O SHIELD DRM skms.security365.com SHIELD DRM Admin Page Password Key Retrieval Backend Service X O SHIELD Drive shieldrive.security365.com SHIELDrive User/Admin Page (Front) O O Exclusion when SHIELD Drive is not in use SHIELD Drive webdav.security365.com File Upload/Download Used in SHIELDrive O O Exclusion when SHIELD Drive is not in use SHIELD Drive dms.security365.com Document Web Viewer Service Used in SHIELDrive O X Exclusion when SHIELD Drive is not used *Microsoft365 Service Usage Service URLIt must be allowed by the client company itself..
*****SHIELD DRMFor customer companies using __PH_0__, If on the client side Web Access Not allowed If there is a policy, partially sklogin.security365.com Permission may be required.