Skip to content
Posted on May 15, 2019

Content Scanning

/ / / / / / /

Today we are announcing Content Scanning with cross-application functionality. Content Scanning is now available for G Suite, Box, and Slack.

Content Scanning for Google, Box, and Slack

With this release, you can set alerts and policies to search for sensitive material, such as files containing personally identifiable information, files containing profanity, or files containing financial information. You can also specify if you are looking for files shared externally or publicly with sensitive information in it.

You can create these directly from the Alerts page, taking advantage of our quick set up for alerts that now include the Content Scanning block for you to specify within your alerts.

An alerts manager interface showcases a list of custom alerts with columns for sources, descriptions, severity levels, and statuses. Examples of alerts displayed include sensitive data exposure, rule violations, and account captures. Severity levels are color-coded for quick identification: critical in red, high in orange, medium in yellow, and low in green. Statuses range from "Active" to "Resolved," indicated by distinct icons or text labels. The user interface is organized with filters and search options at the top to assist users in navigating the list efficiently.

With this feature, you can specify your alert to the specific Region, Category, and Information Type. With the Region or Category, you will have various countries to select from that will narrow down the list of options under Information Type. You can add additional Content Scanning conditions as you build out the alert.

Once you publish the alert, if you navigate to Triggered Alerts, you’ll find your alert and can select it to view the sensitive content.

A dashboard displaying a critical alert for sensitive data detected in a file, activated by a Google connector on April 15, 2019. The alert details seven incidents, each with specific matches and timestamps, highlighting potential security concerns regarding confidential information.

If you want to see what the specific violations are that are occurring, you can see it by navigating to the Violations column.

A review alert displaying U.S. Social Security Numbers (SSNs) found in a document, with two SSNs partially visible: one ending in 4123 and another in 2891. The alert likely indicates a data security concern, highlighting sensitive information at risk of exposure.

If you return to the Alert, you can select all the documents and take action on all the documents selected, or you can select a specific document to look into before taking action. Some of the actions you can take are Move File, Remove File Collaborator, Change File Editors to viewers, Remove all External file Collaborators, Delete File, Unshare File, Revoke Public Sharing Link, and more.

Content scanning report displays a "Major" severity status due to sensitive data detected in a file. The report lists 25 items with violations, each triggered between January 4, 2019, and April 15, 2019.

If you choose to look into one of the files specifically, you will see the document’s sharing Permissions, such as who it was shared with and what that user’s permissions are. Within that document, you can take actions against a specific user. In addition to taking one-off actions, you can create automated workflows so that if these violations take place, there are automatic actions that occur, such as sending a Slack message to the IT or security team, sending an email to the user, removing file collaborators, unsharing the file, and more.

A report titled "Docs Exposed Externally Report #1" displays details including the document owner, source type, and last updated date. The permissions section details viewers and editors along with their email addresses. Key elements include tables with concise data entries, highlighting who has access to the document and their respective roles (viewer or editor). This information helps identify potential security risks involved in external document sharing.

Please note this feature is only available for our Pro and Enterprise customers.