- CheckMates
- :
- Products
- :
- Harmony
- :
- Email and Collaboration
- :
- CloudSaaS Office 365 OneDrive DLP setup
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
CloudSaaS Office 365 OneDrive DLP setup
Hi guys,
First of all, I'm new with CloudGuard SaaS and doing test integration with Office 365 for OneDrive DLP setup and getting stuck at some configuration that can't block sensitive data when uploading the file via OneDrive application such as credit card info for example.
I have already configured OneDrive rule for DLP, refer screenshots below.
1st figure, with Policy Rules for Office 365 OneDrive DLP
2nd figure, for Rule DLP setting with PCI Credit Card Numbers
3rd figure, uploaded the sensitive data file and shared to everyone
4th figure, CloudGuard SaaS does not block this file.
5th figure, No display events on overview dashboard.
I do not know where I'm missing configuration.
Anyone any ideas?
Really appreciate every comments
Regards,
Sarm
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Sarm_Chanatip ,
Thank you for using CloudGuard SaaS!
Please open a ticket with our support so that we can take a deeper look into your configuration.
If you need help with opening the ticket, click here.
Thanks,
Abigael
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Abigal,
Agree CG Saas is great product and I hope more to join this solution.
I had a similar issue but was not fixed due to as designed or as build.
It was an issues with Danish Social Security numbers why didnt' work either.
You had to add more then 10 different social security numbers before CG SaaS was raising a flag. DLP right now only flags but does not protect yet.
If one tests with Canadian or USA it is flagged right away because the pattern is different to ours in Denmark.
For example
Donald Duck
100110-1721
But why send out 10 different social security numbers in a e-mail. I would say according to GPDR in EU just one social security number which being send out should be flagged.
Kim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Kim_Moberg ,
We will actually fix very soon the issue of Danish Social Security Numbers to decrease the built-in threshold to 1. You will then be able to adjust it in the policy by increasing or decreasing the sensitivity.
I believe that the issue here is different. I saw that a SR has been open so our RnD will look into the matter.
Thanks,
Abigael
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for your reply.
I just saw the similar pattern but I am sure you are right.
I will be looking forward to see the fix being implemented and of course to see where the CG SaaS go with the future development.
I can only recommend Check Point customers to get CG SaaS product to be part of their IT-services.
Kim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your comment.
I have opened a ticket to TAC but still has not been received any information or solutions yet.
Regards,
Sarm
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am looking into it and will do my best to move things forward.
Thanks for your patience!
Abigael
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Abigael_Levy , we are about to start looking at the Cloud DLP solutions. Please advise if CP SaaS DLP is now working for prevention as well as detection, if the minimum number of instances is reduced to 1 and if it works with any other SaaS products besides hosted Exchange and OneDrive. We are particularly interested in SalesForce integration.
Thank you,
Vladimir
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Vladimir
We do have a great DLP solution for SalesForce which I will be more than happy to present and discuss.
Please contact me at asafhe@checkpoint.com
With regards to prevent vs. monitor. We will add in-line prevent to Email DLP (O365 or Gmail) in mid Q4.