DLP rule not triggering for OneDrive Public links

Article ID: 260528


Updated On:

Products

Data Loss Prevention Core Package, CASB Advanced Threat Protection, CASB Audit, CASB Gateway, CASB Gateway Advanced, CASB Security Advanced, CASB Security Advanced IAAS, CASB Security Premium, CASB Security Premium IAAS, CASB Security Standard, CASB Securlet IAAS, CASB Securlet SAAS, CASB Securlet SAAS With DLP-CDS

Issue/Introduction

  • A DLP rule is enabled to block sharing of Public links that contain sensitive data in OneDrive
  • The rule does not trigger when Public links are shared
  • The rule does trigger when External links are shared

Cause

In the Office 365 SharePoint settings, the option "Allow only users in specific security groups to share externally" was enabled.

When this setting is enabled, Microsoft does not send the API response that CASB needs to properly handle the sharing of Public links.

Resolution

The only way to resolve this is to clear the check box for the "Allow only users in specific security groups to share externally" option.

This can be done as follows:

  1. Log in to Office 365 with an account that has sufficient privileges to make the change
  2. Click the App launcher in the top left corner and click Admin
  3. In the Microsoft 365 admin center, click the more option
  4. Under Admin centers on the left, click SharePoint
  5. In the SharePoint admin center, expand Policies and select Sharing
  6. Expand "More external sharing settings" and uncheck "Allow only users in specific security groups to share externally"

 

Additional Information

Microsoft has a Design Change Request (1483271) in their backlog. If this issue is occurring, a request can be made to Microsoft to prioritize it in the hope of getting it fixed more quickly.