Box Securlet - Cascade exclusions for child folders is not currently supported by CloudSOC
search cancel

Box Securlet - Cascade exclusions for child folders is not currently supported by CloudSOC

book

Article ID: 247663

calendar_today

Updated On:

Products

CASB Securlet SAAS CASB Securlet SAAS With DLP-CDS CASB Security Advanced CASB Security Premium CASB Security Standard

Issue/Introduction

Exclude child folders in your DLP policy for the Box Securlet.

Cause

CloudSOC does not support the function to cascade exclusions from a parent folder to a child folder at this time.

Resolution

With the current Policy definition, there is one way to achieve this exclusion of folder & sub-folder tree below it:

Instead of specifying the Folder path in the exclusion rule on the Enforce side, the CloudSOC Eng team recommends creating the parent folder to be excluded with a Box Service account user & using this user in the User exception list in the DLP policy on Enforce. This will not only exclude the files in this folder created by this user but all the sub-folder trees below the same including the files. This is because the owner of the parent folder is always the owner of all files & folders under the folder tree hierarchy in Box & hence these all will get excluded as well.