Dropbox

Introduction

Dropbox is a data storage and file sharing platform. Cisco Cloudlock enables users to use policies to monitor content and user activity in their Dropbox environments. For prerequisites and installation steps see Dropbox Quick Start Setup Guide.

Policies

Cisco Cloudlock monitors Dropbox in the following policies:

Data Loss Prevention (DLP)

Exposure

Shared with non-team members
Anyone outside the organization's Dropbox collaboration.

Public with link
Anyone with the link has access.

Team wide
Anyone within the organization's Dropbox collaboration.

Team wide with link
A link that is accessible to anyone externally if searched for or shared outside the team.

Shared with any external user
Users outside the home domain can have access.

Specific shares (Users and Groups; Domains and top-level domains)
Any internal or external users, groups or domains specifically listed.

User Events and Behavior Analytics (UEBA)

  • Build Your Own: Event Analysis

Response Actions

In addition to the Global Response Actions available in all platforms, Dropbox also has two unique Response Actions:

Quarantine Users files

Moves the file to a Quarantine folder only accessible to the Dropbox admins.

Revoke File Share

Revokes access to all users (except the owner) and expires any file share URL.

Incident Examples

Context Only Policy Incident

Context Only Policy Incident

Predefined Policy Incident

Predefined Policy Incident

Events Analysis Policy Incident

Events Analysis Policy Incident

Viewing an Object

For a DLP incident, you can click View Object in the uppermost right corner to view the file that violated the policy.

Cloudlock with open the file as a "snapshot" with "view only" access.

Am I added as a collaborator?

Because you are only viewing a snapshot of the file with only viewing access, Dropbox does not add you as a collaborator to the document.

Dropbox


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.