Other Integrations & Connections

Controlling Scope Through Office

Denise S.
Denise S. Community Moderator Idea generator Vanta Team Member
  • Updated

Vanta's Office integration enables you to control which employees should be automatically marked in and out of scope in Vanta by creating and managing the "Vanta O365 Integration" app assignments within Azure.

 Be sure to consult with Support and your auditor to validate the set of accounts that should and should not be managed by Vanta.

Prerequisites 

Configure Office

  • Login to Azure and navigate to the Enterprise applications page to find the "Vanta O365 Integration" app:

Screen_Shot_2022-03-30_at_7.31.37_PM.png

 

  • Assign the Vanta O365 Integration app in Azure to the desired employees or groups:Screen_Shot_2022-03-30_at_7.32.51_PM.png

 

Validate account assignments

  • Verify that the list of employees and groups that are assigned to the Vanta app reflects your desired scoping preferences. 
    • Vanta recommends creating an automated provisioning process to assign the Vanta app to new employees or at least ensuring that you have developed a process.

 

Enable the feature in Vanta

  • Open the Integrations page and find the Office 365 integration
  • Select Manage
  • Select Configure Scope 

Screenshot_2023-05-12_at_4.20.19_PM.png

  • Enable the IdP scoping toggle

Screenshot_2023-05-12_at_4.21.30_PM.png

  • Once this feature is enabled, all user scope will be managed through Azure, and the scoping toggle in Vanta will be disabled. Vanta will update the scope status for IdP accounts on the next data fetch.

 

Using Office for Workspaces

If you are using Vanta Workspaces, you can choose to scope in different sets of users for each Workspace by creating groups.

 

  • Login to Azure and navigate to Enterprise applications.
  • Click on Vanta O365 Integration and view the employees listed in Users and groups. The employees must first be assigned to the Vanta app to use the group scoping feature.
  • Then, navigate to Azure Active Directory > Groups in the sidebar.
  • Create a group that you will use to scope users in and out of Vanta by clicking New group. The name needs to start with Vanta followed by any text, i.e. Vanta Employees
  • Assign the group to the subset of employees and groups in the Vanta O365 Integration app that you want to scope in. 

Once you finish creating the group, you can enable IdP scoping in Vanta. When you toggle IdP scoping, you’ll have the option to select what group to scope by.

Once this feature is enabled, all user scope will be managed through the selected Azure group, and the scoping toggle in Vanta will be disabled. Vanta will update the scope status for IdP accounts on the next data fetch.