This has been bugging me for the past few days. Our policy is to block cloud based storage providers at the firewall. So I can't access box.com, dropbox.com, Google Drive, Amazon Drive, OneDrive; the common ones, via web browser. Even with their app installed I can't upload or download files, with one exception, OneDrive. We are running O365 and utilize OneDrive on a corporate level. No issue with sensitive files being placed there. The problem is with the personal version of OneDrive. This is the one app I can install and use to upload and download sensitive data to my personal account. I've created a policy with rules for Compressed Files, Recipient; box.com, dropbox.com, ondrive.live.com, etc., and Protocol, FTP,HTTP and HTTPS/SSL. I upload a zip file containing sensitive data, no detection.
Now our DLP implementation is still in its infancy; 2 months old. Our active components are Monitor and Network Discover with Prevent for Email on the way. Monitor is active on SMTP, FTP and HTTP. Is what I'm trying to accomplish possible with Monitor? If so, what am I missing?
Djacobs