About OneCollect
IMPORTANT: Support for OneCollect is in Limited Availability. To enable this feature, contact MSkyhigh Security Support.
CASB Connect for OneCollect enables Security Operations Center (SOC) Admins to monitor user activity in the OneCollect application, enforce DLP and CAP policies to review threats detected by Skyhigh CASB User and Entity Behavior Analytics (UEBA) and machine learning algorithms.
Skyhigh CASB for OneCollect provides the following use cases:
- Enforce Data Loss Prevention (DLP) policy for attachments to block sensitive data.
- Activity Monitoring identifies login, file upload, and file download in the OneCollect app.
- Contextual access control via CAP supports for both managed and unmanaged devices.
Limitation and Known Issue
- Blocked tombstones files retain original file names and it's a OneCollect app limitation.
Prerequisites
Make sure you have met the following prerequisites:
- Activate the Offline DLP and manageable icons checkbox in the registry for OneCollect CSP.
- Add the following appropriate metadata in the registry for OneCollect CSP.
| SL. No of Metadata | CSP ID | Properties | Metadata |
|---|---|---|---|
| 201681 | 32447 | longtail.saas.app | true |
|
201684 |
32447 |
DomainNames |
*.bank.my.ocbc.uat.fomopay.net |
|
201682 |
32447 |
ServiceProperties |
{"cloud.access.policy.document.content.check.enabled" : "true","cloud.access.policy.document.content.types" : "application/octect-stream,application/pdf","res.headers.torewrite":"Content-Security-Policy"} |
NOTE: The metadata may vary depending on the customer's original domain or access URL.
NOTE: For SSO Setup, any IDPs with SAML 2.0 must be configured.