What are the account privileges and requirements needed to enable the Office 365 Securlet on a CloudSOC account?
The following four requirements must be met in order to enable the Office 365 Securlet on our CloudSOC account:
● You must have SysAdmin privileges for your CloudSOC account.
● You must have an Office 365 Enterprise account.
● You must have Global Administrator privileges for your Office 365 account. (GA privileges can be revoked after activation, but the account cannot be deleted)
● The email address you use as the username for the administrator login on your Office 365 account must be exactly the same as the email address that you use as your CloudSOC username. Furthermore, this email address must be within the primary or secondary domains listed for your CloudSOC account. To confirm, login to CloudSOC, go to the gear icon on the top right corner, then to General, and check your domains as shown below.
NOTE: Secondary domains can be added through CMP. We recommend that you enable the onmicrosoft.com domain that matches your office365.com domain as a secondary domain on your CloudSOC account. For example, if your Office 365 domain is mycompany.office365.com, ask your representative to enable mycompany.onmicrosoft.com as a secondary domain. We have found that many customers who subscribe to the Office 365 Securlet are unaware that some of their users have primary email addresses within the onmicrosoft.com domain. The Office365 Securlet does not track these users' activities unless you have onmicrosoft.com added as a secondary domain.
NOTE: If you use two factor authentication to login to Office365 disable it for activation securlet purposed.