Adding and activating an organization

This guide includes the steps to add and activate an organization. In addition, the steps to disable, edit, or delete an organization are provided.

Email domain

You indicate the email domains you want protected by adding organizations in Graphus. Graphus protects an email domain under the constructs of an organization. When creating an organization in Graphus, you should use your main/root domain. Graphus will automatically protect all the subdomains under the main domain.

IMPORTANT  Make sure you select the correct email domain because you won't be able to change the domain after you create the organization.

After you create an organization, you must provide Graphus with the API permissions required to access your email domain. This is done by activating the organization. The steps to activate an organization are different for Microsoft and Google domains. For both types of domains, you will need admin or super-admin credentials.

After you provide Graphus with the needed API access, the Graphus AI will analyze all historical data in your email domain, which might take 24 to 48 hours. After this step is completed, Graphus will start protecting your email.

The Subscription card on the Organizations page enables you to track your license usage. The License Used field indicates the number of consumed licenses (first number) and the total number of licenses purchased (second number).

IMPORTANT  You won't be able to activate an organization if you don't have enough licenses available.

The Inboxes Protected field displays the total number of inboxes protected by Graphus. The number include inboxes Graphus is protecting for free, if any.

Graphus operating modes

Graphus can be run in one of two operating modes:

  • Protection mode: This is the default operating mode when adding a new organization. In Protection mode, the application will quarantine malicious emails and allow the EmployeeShield Banner to be enabled.
  • Monitoring mode: In Monitoring mode, Graphus will analyze emails for potential threats but not take any action, meaning it will not quarantine any emails. Therefore, suspicious emails will be delivered to the intended recipients. An alert will be created on the EmployeeShield page for partners to investigate. The purpose of Monitoring mode is to allow partners to view flagged emails, mark false positives, and "quarantine" emails to refine future detections. Note that this mode does not allow the EmployeeShield Banner to be enabled.

NOTE  You select the operating mode when adding an organization. The operating mode can be changed when editing an organization, per the steps below.

How to...

  1. On the top menu, click the Organizations tab.
  2. In the upper-right corner, click the Add Organization button.
  3. Complete the Add Organization form.
    The following fields are required:
    • Organization Name
    • Organization Primary Domain
    • Admin Email
    • Admin First Name
    • Admin Last Name
    • Organization Type: If the Organization Type is Office 365, copy the organization’s Tenant ID in Microsoft Entra ID and paste it into the Azure AD Tenant ID field. Graphus will need the Tenant ID later when activating the organization.
    • Operating mode: Protection is selected by default. If desired, select Monitoring.
  4. Click the Add Organization button. The organization is listed on the Organizations page with the Status of Created.

  5. In the Action column, click Activate.

IMPORTANT  
Google: When you click Activate for a Google organization, a modal is displayed instructing you to complete the steps in the activation guide for Google Workspace and includes a link to the guide. As part of activation, a modal will guide you through the steps to provide the necessary permissions.

M365: When you click Activate for a Office 365 organization, you will be directed to Microsoft and prompted to log into your M365 Admin account. The Graphus M365 Activation will automatically collect all necessary permissions.

After you have completed all activation steps, Graphus will analyze the organization’s email environment to learn its unique communication patterns. This creates a communication fingerprint (TrustGraph) that Graphus uses to detect and quarantine malicious emails. Creating the fingerprint can take 24-48 hours.

For activation information, refer to the following guides:

You can stop Graphus from processing email for an organization by disabling the organization. Enabling the organization will restart Graphus email processing.

In addition, you can edit an organization's information. Deleting an organization will stop Graphus from processing email for the organization and all of the organization's data will be deleted. Deleting an organization cannot be undone.

  1. On the top menu, click the Organizations tab.
  2. To disable an organization:
    1. In the Action column for the applicable organization, click the Disable link.
    2. In the confirmation modal, click the Proceed button.
  3. To enable an organization:
    1. In the Action column for the applicable organization, click the Enable link.
    2. In the confirmation modal, click the Proceed button.
  4. To edit an organization's information:
    1. In the Action column for the applicable organization, click the edit icon.
    2. Edit the applicable fields.
    3. Click the Update Organization button.
  5. To delete an organization:
    1. In the Action column for the applicable organization, click the delete icon.
    2. In the confirmation modal, click the Proceed button.