Overview
New in DLP 14 is the ability to scan Box.com for confidential data that may be stored in an enterprise's Box.com envrionment (See https://www-secure.symantec.com/connect/blogs/configuring-boxcom-network-discover-scan-dlp-14 for more information.). Once a Network Discover Scan has been ryun and a policy is violated an autoamtica response rule can visually tag a file within Box.
This post will cover creating this response rule
Configuring the Response Rule
The first step to confiugre the response rule is to enable the response rules for scanning with the Discover Target. If the checkbox is not enabled th response rule will not trigger.
The response rule then needs to be created and also assigned to the policy in order for it to work. Within the system add a new response rule and select the type "Automatic"
Under the "Tag" section of this response rule, add whatever your company would like to display within Box.com
What this looks like
When an incident is generated within the system it will generate the response rule. The incident report will look like:
The "tag" icon next to the Box.com icon shows the resposne rule has been applied.
The incident snapshot shows a more detailed view of this, including the response rule:
And then within Box.com itself one can see the tag applied
