Configuring a Tagging Response Rule for Box.com in DLP 14

Overview

New in DLP 14 is the ability to scan Box.com for confidential data that may be stored in an enterprise’s BOX.COM environment.  See this post for more information on how to configure this.

This post will cover how to configure the the response rule.

Configuring the Response Rule

The first step to configure the response rule is to enable the response rules for scanning within the Discover Target.  If the check box is not enabled the response rule will not trigger.

box remediation

The response rule needs to be created and then assigned to the policy in order for it to work. Within the system add a new response rule and select the type “Automatic.”

box response rule

What this looks like

The incident report will show a new icon (the tag) next to the Box.com incident.incident report

The incident snapshot shows further information in regards to the tagging response rule showing up

incident detail

Finally we can see the “Visual Tag” applied within the Box.com interface.

visual tag