Umbrella's Data Loss Prevention (DLP) policy inspects content based on the destinations and identities selected in the policy configuration. When a DLP rule is configured to Select Destination Lists and Applications for Inclusion, the policy scans for data violations in every web request originating from the identities (verified applications) configured in the rule. A web request can be a web form or a file upload. File uploads can be scanned for content, file name, or either. For more information, see Add a Rule to the Data Loss Prevention Policy.
Verified applications also support other workflows besides file uploads. For example, if your rule is configured to Select Destination Lists and Applications for Inclusion and you choose Yahoo Mail as an application to scan for content, the policy can scan for file uploads, emails sent, and draft emails saved. Violations within these workflows are then blocked or monitored, depending on the action selected in the rule. However, some applications have limitations when scanning for file names of file uploads. For example, the DLP policy can scan Dropbox for file uploads, but the file name can not be scanned.
Umbrella's DLP policy currently supports the following verified applications and their workflows:
Box Cloud Storage
File upload; edit a file
Note: To scan file uploads, you must select Atlassian and Confluence as destinations for the DLP rule.
File upload; Dropbox Paper file upload; Dropbox Paper add comment; Dropbox Paper update comment
File names of file uploads are not scanned.
Note: File names of files uploaded to Dropbox Paper are scanned.
Upload a file to chat
Send email; attach a file; save a draft; send an email (classic); save a draft (classic)
Create a ticket (epic/story/task/subtask/bug/customer issue/customer request) description; upload an attachment to a newly created ticket (Atlassian must also be selected); add a comment to a ticket; edit a comment in a ticket; edit description
Note: To scan file uploads, you must select Atlassian and Jira as destinations for the DLP rule.
File upload; publish content after a file upload; edit a published slide; edit privacy settings of a post; report content as inappropriate; upload thoughts and ideas on a slideshare; like a thought or slide; upload files from a Cloud app (Dropbox, GDrive, Box, Gmail, OneDrive); share content using linkedIn, Facebook, or Twitter
Create workspace; create board; add item-update with file upload; add an item–update reply with file upload; add a message to Text column; add text to Long Text column; add an update with a file upload to a sub-item; reply to a sub-item update with a file upload; add a local file to File column; add an email address or text to Email column; upload a file to a shared form; add text to the dashboard text widget;
Post a message
File upload; upload file via chatter; write a post in chatter; write a note;
Service management post incident; service automation post incident
Create note; create request list; upload a file to a task; create a task; add task comment; send an invite to a new user; share a file; file upload; submit a form; remote upload a form; create a file drop; share a file via email; send an email
File names of files uploaded to ShareFile storage are not scanned.
File upload; post a message in a channel
File upload; upload attachment to a form; add comment to a form
File upload; upload a file to a message
File names of files uploaded to WeTransfer are not scanned.
Add an address; edit an address; add text to a field; upload a file
Upload file; send an email; save a draft
Supported File and Form Types < Supported Applications > Best Practices for the Data Loss Protection Policy
Updated 5 months ago