Exclude child folders in your DLP policy for the Box Securlet.

CloudSOC does not support the function to cascade exclusions from a parent folder to a child folder at this time.

With the current Policy definition, there is one way to achieve this exclusion of folder & sub-folder tree below it:

Instead of specifying the Folder path in the exclusion rule on the Enforce side, the CloudSOC Eng team recommends creating the parent folder to be excluded with a Box Service account user & using this user in the User exception list in the DLP policy on Enforce. This will not only exclude the files in this folder created by this user but all the sub-folder trees below the same including the files. This is because the owner of the parent folder is always the owner of all files & folders under the folder tree hierarchy in Box & hence these all will get excluded as well.