Docy

Next Generation API Data Protection for Microsoft 365 SharePoint

Next Generation API Data Protection for Microsoft 365 SharePoint

Using API Data Protection involves configuring the API connection for your Microsoft 365 SharePoint GCC High & Commercial apps.

In order to use the Next Generation API Data Protection for Microsoft 365 SharePoint GCC High & Commercial, first you will need to connect Netskope to your Microsoft 365 SharePoint GCC High or Commercial account via Microsofts’ API. The following sections explain how the API connector works, and how to configure the connection.

Why you should move to Next Generation API Data Protection?

  • Dramatically simplified policy definition and management: Multi-app/all app policies and multiple DLP profiles in a single policy.

  • Ability to define threat protection policies.

  • Unified inventory page, for threat hunting and forensic analysis.

  • Ultra-low time to detect and remediate to non-compliant activities.

Capability Differences Between Classic & Next Generation API Data Protection

Here is a list of feature parity for Microsoft 365 SharePoint between classic and Next Generation API Data Protection.

FeatureSub-categoryClassicNext Generation
Instance Selection-YesYes (multiple)
User SectionAll SitesYesYes
Subset of Sites OptionsYesYes
User ProfilesYesYes
AD User GroupsYesYes
Exclude Sites OptionsYesNo
Exclude Users OptionsYesYes
Exclude User Profiles OptionsYesYes
File SharingAll Sharing OptionsYesYes
Specific Sharing OptionsYesYes
Private Sharing Options (Specific Sharing Options)YesYes
Public Sharing Options (Specific Sharing Options)YesYes
In Next Gen, public sharing is called Anonymous.
Share Content Internally (Specific Sharing Options)YesYes
Sharing Content to More than X Internal Collaborator (Specific Sharing Options)YesYes
Sharing Content Externally (Specific Sharing Options)YesYes
Sharing with All External Domains (Specific Sharing Options)YesYes
Sharing with Specific External Domains (Specific Sharing Options)YesYes
Sharing Content to More than X External Collaborator (Specific Sharing Options)YesNo
Sharing Across Enterprise Organization (Specific Sharing Options)YesYes
Sharing Enterprise shared with Everyone (Specific Sharing Options)YesYes
Sharing Enterprise shared with Everyone Except External Users (Specific Sharing Options)YesYes
Sharing Content with a Selected set of Enterprise User Groups (Specific Sharing Options)YesNo
File Type to ScanAll File TypeYesYes
Specific File TypeYesYes, file type list is similar to DLP file type list.
DLPDLP ProfilesYesYes (multiple)
DLP IncidentsYesYes
DLP QuarantineYesYes
Manual Remediation Action (Restrict Access) from IncidentsYesYes
QuarantineQuarantine RestoreYesYes
Threat ProtectionThreat Protection Feature in Instance ConfigurationYesYes
Severity Based Action - QuarantineYesNo
Severity Based Action - RemediationYesNo
ForensicSharepoint as Forensic StoreYesYes (see Next Gen Forensics)
InventoryInventory DashboardYesYes (with unified Inventory page)
Inventory Details Panel (File Details, Sharing, Links, Recent Activities)YesPartially available (File Details, Recent Activities, DLP Violation)
Manual Actions for Remediation (Restrict Access)YesYes
ActionAlertYesYes
DeleteYesYes
Legal HoldYesNo
EncryptYesNo
IRM ProtectYesNo
QuarantineYesYes
Restrict AccessYesYes
Restrict Access Owner SelectedYesYes
Restrict Access Internal User SelectedYesYes
Restrict Access to Remove Public LinksYesYes
Restrict Access to Remove Individual UsersYesYes
Restrict Access to Remove Organization Wide LinksYesYes
REST API SupportYesNo
NotificationsEmail NotificationsYesYes
Detection & RemediationMTTD & MTTR (Mean time to detect/resolve)FastUltra-fast
Share this Doc
In this topic ...