You can talk to your license vendor about purchasing cloud app security.
*Note
- Make sure you have Azure Information Protection and FIle policy enabled to proceed with this task
- Make sure you have App connector ready too
Once you got your file policy enabled and ready then you must perform some settings to allow cloud app security to scan for protected files.
So lets enabled the scan for protected attachments;
- Go to cloud app security portal
- Select settings icon on the top right then select settings
3. At the sidebar, you will notice under the category of “Information Protection”, Select “Azure Information Protection”
4. Here you will see 2 selection, on how you want cloud app security to scan your AIP files
- You could have either one selected or both
- The first one is meant for only scan NEW AIP files
- The second one is meant for only scan AIP files that are not set by external tenant
5. Once this is enabled, then cloud app security will take less than 5 minutes to scan AIP attachments
6. Currently, I have an attachment with AIP applied, and cloud app security able to detect it. Below is an example, this is the only summary of the investigation of the file.
7. To dig a deeper view of this file’s investigation and etc., you can select the icon at the side of the file.
8. Then it will expand with a list of options for you to choose to dig deeper
I would say it is indeed fascinating to see such a wonderful view of the deeper results of a file. FYI, I didn’t set up any File Policy so that Cloud App Security can detect AIP attachment. These are all purely from Cloud App Security Settings.
Sabrina Kay's Blog 