LogoLogo
  • Introducing dope.swg
    • Changing the Rules...
    • Quick Start Guide
      • Create a dope.swg Account
      • Get Started with the dope.endpoint
      • Import User and Group Data
      • Create a dope.swg Web Policy
    • Mitre ATT&CK and Nist CSF
  • dope.console
    • Analytics
      • Overview dashboard
      • Policy View
      • Productivity
      • Shadow IT
      • Detail View
    • dope.swg Policy
      • Editing the Base Policy
      • Adding Policy Exceptions
      • Assigning a Block Page
      • Creating Custom Categories
      • URL Bypass List
      • Application Bypass List
      • Default Bypass List
      • Cloud Application Control (CAC)
        • Microsoft O365
        • Google
        • Box
        • Salesforce
        • Dropbox
        • Slack
        • WebEx
      • Custom Policy
      • Policy Assignment
      • Policy Inheritance and Customization
    • CASB Neural
      • Microsoft 365 - Authentication
      • Google - Authentication
      • CASB DLP
        • DLP Files Table
    • Endpoint Manager View
      • Searching the View
      • Filtering and Sorting the Endpoint View
      • Endpoint Count
      • Running Diagnostics
      • Disable Endpoint
    • Settings
      • General
      • Block Pages
      • Endpoints
      • Users
        • Importing from Google
        • Why not SAML & SCIM?
      • Audit Log
      • SIEM Integration
        • Category & Verdict Mappings
      • API Client Credentials
      • Billing Details
    • Notifications
      • SSL Errors
  • dope.endpoint
    • Trusted Process Names
    • Generate Diagnostics
    • Disable Endpoint
    • Installing using MDM on Mac
      • Using JAMF
      • Using Kandji
      • Using Intune
    • Installing using Intune on Win
    • Mac Installer
      • Installation Process - Silent
      • Uninstall
      • Endpoint Authentication
    • Windows Installer
      • Installation Process - Silent
      • Uninstall
      • Endpoint Authentication
    • dope.endpoint UI
      • Windows UI
      • macOS UI
    • Automatic Updates
  • Release Notes
  • DOPE.APIs
    • Public API Specification
Powered by GitBook
On this page
  • While the CASB DLP Data Graph gives a high-level overview of the scan results, the table retrieves specific details of each publicly shared file.
  • Contents
  • File Classification Details
  • Detections
  • Dopamine
  • Who has access to the file
  • Search, Filtering, and Sorting
  • Search
  • Filtering
  • Removing permissions
  • Marking a file as “Reviewed”
  1. dope.console
  2. CASB Neural
  3. CASB DLP

DLP Files Table

While the CASB DLP Data Graph gives a high-level overview of the scan results, the table retrieves specific details of each publicly shared file.

Unlike any other CASB product, this table extracts the exact details on why a file was classified as possible risk and provides the Dopamine Hit (LLM-Generated DLP) which summarizes the contents of the file.

This makes it easy for you to make a decision on next steps.

Contents

Field
Description

Name

The name of the file from your tenant

Type

The classification type assigned to the file. This can be one or more of the following:

  • IP (Intellectual Property)

  • PHI (Public Health Information)

  • PCI (Payment Card Industry)

  • PII (Personally Identifiable Information)

  • Other Public Files (Public files with no sensitive information)

  • Unclassified (External Shared Files Only)

Status

Indicates if the admin has marked a file as reviewed or not

Shared

Indicates if the file is shared publicly or with an external email

Comment

A review comment can be added to each file, coming soon

Created By

The email address of the user who created the file

Created On

The time or date the file was created

File Classification Details

Detections

The right hand panel provides the details on why the file given its classification type.

Where a file has been detected to have either IP, PHI, PCI, or PII, the information from the file that resulted in this classification is listed, color coded based on classification type.

Dopamine

Unlike any other CASB product on the market, dope.security provides a Dopamine summary of the document that has been classified. This is only possible because of the AI technology that we are using to provide classification. This Dopamine summary allows admins to get an understanding of what type of documents have been exposed publicly.

Currently files that are shared with an external email are not classified. The ability to classify these files will be added shortly.

Who has access to the file

Search, Filtering, and Sorting

Search

At the top of the table, you will find a search bar that can search within File Name or User Name.

Filtering

Filter the table by classification type by clicking on the menu.

You can also filter the table by Shared Type by clicking on the menu.

Removing permissions

It is possible to remove the public sharing permissions from one, many, or all of your public from within the dope console. Removing the Public sharing permissions will mean the file is no longer publicly shared i.e. anyone with the link can no longer access the file.

Where a file is shared both publicly and externally it is also possible to remove both the public and external sharing permissions. And where a file is shared with just externally it is possible to just remove the external sharing permissions.

To remove the public permissions select one or multiple files in the CASB table and select the Remove Public button on the bottom right of your view.

To remove both public and external sharing permissions elect one or multiple files in the CASB table and select the Remove Public + External button on the bottom right of your view.

To remove just external sharing permissions select one or multiple files in the CASB table and select the Remove External button on the bottom right of your view.

That’s all that you need to do! The file will have the sharing permissions removed from your Microsoft 365 / Google tenant. Once the permissions are removed, your CASB table will update to remove the files from view. These files will now be included in the private or external file count.

In some cases, it can take up to 15 minutes for the Microsoft 365 / Google tenant to respond. It is possible to get the latest status of the file by hovering over it in the CASB table.

Marking a file as “Reviewed”

There are probably some publicly shared files that you will not want to remove the sharing permissions for. These can be marked as “Reviewed” to let others know that the file has been reviewed for content and intentionally kept public.

To mark a file as “Reviewed,” select the arrow next to “Remove Public” to toggle the option open.

When you mark a file as “Reviewed,” it is then possible to add a comment to explain why the file has been reviewed and remains publically accessible. Once the comment has been added, confirm by reselecting the “Mark as Reviewed” button.

The file will then update its status and move to the bottom of the CASB table.

Leaving a review comment is optional, a file can be marked as “Reviewed” without a comment.

PreviousCASB DLPNextEndpoint Manager View

Last updated 6 months ago

The right-hand panel is also where you can go to see who has access to the file. The email addresses of the people who have access to the file will be grouped into three sections Public, External and Internal. Within the external sections any email marked with the following icon highlights that this is a personal email.

It is also possible to filter by simply selecting a classification tag in the Type column.

Detection Example
Dopamine Example
Right Hand Panel Example
Filter Dialog for Type
Filter Dialog for Shared
Remove Public Option
Remove Public + External Option
Comment Box
Mark as Reviewed