Policy not triggering for Box Securlet after activating with Co-Admin
Article ID: 175505
Updated On:
Products
CASB Security Standard
CASB Security Advanced
CASB Securlet SAAS
CASB Security Premium
Issue/Introduction
The Box Securlet has been activated using a Co-Admin and a policy has been created to trigger when files are shared publicly. When sharing a file publicly the policy does not trigger as expected.
No error message is available for this issue. The policy simply doesn't trigger as expected.
Environment
Box Securlet activated as a Co-Admin
Cause
There are limitations regarding the activation of the Box Securlet using a Co-Admin.
- CloudSoc does not have visibility into the activities of Box Admin and other Co-Admins
- CloudSoc cannot scan the documents of the Box Admin and other Co-Admins
- CloudSoc cannot remediate the content of the Box Admin and other Co-Admins
In this specific situation the first two bullet points are the cause of a policy not alerting when a file is shared publicly.
Resolution
Performing the testing of the policy with an account that is not a Co-Admin within Box. The policy will trigger.
Symantec strongly recommends that a Box administrator and NOT a Co-Admin is the Primary who activates the Securlet.
Feedback
Yes
No
Powered by
