Plugin Prerequisites
Cyberhaven's application plugins extend data protection capabilities into Microsoft Office applications and email clients. These plugins provide enhanced visibility and control over data activities that occur within productivity applications, enabling consistent policy enforcement for file and content interactions. Plugins work alongside endpoint sensors and other Cyberhaven components to deliver comprehensive coverage for data movement within supported applications.
Requirements
Office plugin (Word, Excel, PowerPoint, Outlook Classic)
- Supported Windows endpoint with Microsoft Office applications installed (Word, Excel, PowerPoint, Outlook Classic).
- Cyberhaven Sensor already deployed on the endpoint to enable plugin functionality.
- Restart Outlook after Sensor installation if it was running during the setup.
New Outlook Add-in
- Supported endpoint running the New Microsoft Outlook (September 2023 or later) on Windows or macOS.
- Microsoft 365 admin center access for deployment.
- Users signed in with Microsoft accounts (the add-in cannot be deployed to non-Microsoft accounts).
- Cyberhaven Sensor already deployed on the endpoint to enable add-in functionality.
- Use Microsoft’s limited deployment scope to pilot and validate the add-in before rolling it out organization-wide.
- Understand that policy enforcement depends on Cyberhaven completing content inspection of attachments before Outlook submits the email; the add-in can block message send if inspection detects a policy violation.
The New Outlook Add-in is not compatible with Outlook (Classic); continue to use the legacy Office plugin for Classic Outlook coverage.
Dependencies
Office plugin (Word, Excel, PowerPoint, Outlook Classic)
- Cyberhaven Sensor for Windows.
- Microsoft Office 2010 or later (32-bit or 64-bit), including Outlook Classic, Word, Excel, and PowerPoint.
- Visual Studio 2010 Tools for Office Runtime — not required if Microsoft Office is already installed.
- Microsoft .NET Framework 4.6.2 or later.
- Latest Microsoft Visual C++ Redistributable.
New Outlook Add-in
- Cyberhaven Sensor for Windows or macOS (latest supported release).
- New Microsoft Outlook desktop client (September 2023 release or later).
- Microsoft 365 services required for add-in distribution and operation.
- Microsoft 365 integrated app deployment (manifest hosted at
https://content.cyberhaven.io/outlook-addin/manifest.xml).
Network
Office plugin (Word, Excel, PowerPoint, Outlook Classic)
- Ensure endpoints can resolve the Cyberhaven backend URL and connect to the service over TCP port 443.
New Outlook Add-in
- Maintain connectivity to the Cyberhaven backend over TCP port 443.
- Allow access to Microsoft services required for add-in deployment, content inspection, and policy enforcement.
Security exclusions
Office plugin (Word, Excel, PowerPoint, Outlook Classic)
- Exclude Cyberhaven Sensor processes, folders, and registry keys related to the Office plugin from antivirus, EDR, and other endpoint protection tools.
- Preserve Windows permissions on registry keys that keep the plugins enabled; limit changes to administrative users.
New Outlook Add-in
- Protect the Sensor installation directory and add-in deployment files from unauthorized modification.
- Restrict registry or policy changes that control add-in enablement to administrative users.
Limitations
Office plugin (Word, Excel, PowerPoint, Outlook Classic)
- If Outlook is running during installation, email tracking will not start until Outlook is restarted.
- In some cases, Outlook may display a performance warning banner; registry configuration can suppress it.
New Outlook Add-in
- Tracks only attachment actions such as "Attachment Add" and "Sent file"; use the legacy Outlook plugin for broader signal coverage.
- Cannot track "Received File" and "Saved Email Attachment" events (supported by the legacy Office plugin).
- Does not capture files attached through Suggested files or files linked from OneDrive.
- Monitors only activities in Microsoft accounts within your organization’s domain; external accounts (for example, Gmail) are not tracked.
- Can only be deployed to Microsoft accounts.
- When Outlook is online but temporarily loses network access, users may see misleading error messages even though the add-in remains functional.
- Certain actions performed too quickly may not be captured due to Microsoft add-in processing limitations.