HomeDocumentation and Guides


Table of Contents


Dropbox is a data storage and file sharing platform. Cisco Cloudlock enables users to use policies to monitor content and user activity in their Dropbox environments. For prerequisites and installation steps see Dropbox Quick Start Setup Guide.


Cisco Cloudlock monitors Dropbox in the following policies:

Data Loss Prevention (DLP)


Shared with non-team members
Anyone outside the organization's Dropbox collaboration.

Public with link
Anyone with the link has access.

Team wide
Anyone within the organization's Dropbox collaboration.

Team wide with link
A link that is accessible to anyone externally if searched for or shared outside the team.

Shared with any external user
Users outside the home domain can have access.

Specific shares (Users and Groups; Domains and top-level domains)
Any internal or external users, groups or domains specifically listed.

User Events and Behavior Analytics (UEBA)

  • Build Your Own: Event Analysis

Response Actions

In addition to the Global Response Actions available in all platforms, Dropbox also has two unique Response Actions:

Quarantine Users files

Moves the file to a Quarantine folder only accessible to the Dropbox admins.

Revoke File Share

Revokes access to all users (except the owner) and expires any file share URL.

Incident Examples


Context Only Policy Incident


Context Only Policy Access Control


Predefined Policy Incident


Events Analysis Policy Incident

View an Object

For a DLP incident, you can click View Object in the uppermost right corner to view the file that violated the policy.


Cloudlock with open the file as a "snapshot" with "view only" access.


Am I added as a collaborator?

Because you are only viewing a snapshot of the file with only viewing access, Dropbox does not add you as a collaborator to the document.