Collaboration in O365 and Corresponding Policy Rule Types
In Skyhigh CASB, define Sanctioned DLP policies with Collaboration rules for Shared Links or Folders and Files to control different collaboration possibilities.
- Collaborations for Shared Links. To remove Public and Organization shared links. See the note below for restricted shared links.
NOTE: Restricted shared links such as Shared Link for specific people or Shared Link for people with existing access are accessible only to collaborators on the file. To remove collaboration effectively in such cases, define policies with the policy rule type folder/file collaboration, as only removing the Shared Link would not remove collaborators from the file or folder. So, the policy rule type Shared Link is evaluated for restricted shared links.
- Collaborations for Folders and Files. To remove collaborators on the file or folder.
For details, see Sharing Collaboration Policies.
Shared Link
In O365, Shared Links can be generated using the Share or Copy Link options available in the menu when a file/folder is selected in OneDrive or SharePoint.
While Share option lets you send the shared link in an email, Copy link lets you copy the link to pass onto the collaborators through a different medium.
The dropdown in either Share or Copy link dialog boxes has four options. Anyone and People in Company correspond to Public shared link and Organization shared link respectively and can be controlled by Skyhigh CASB policies with the Shared Link rule type.
Further, a shared link can be generated from details pane of a file/folder by choosing Manage Access and then Grant Access, as shown below:
All options in the dropdown except Restricted link - Only specific people can open this link correspond to Public or Organization shared links and can be controlled by Skyhigh CASB policies with Shared Link policy rule type.
Adding Collaborators
You can add people as collaborators to a file/folder either through Share/Copy Link with Specific People or through the details pane of a file/folder. Select Manage access and then Invite People, as shown below. Adding collaborators to a file/folder in Office 365 is controlled by Skyhigh CASB policies with the File/Folder Collaboration policy rule type.
Other collaboration possibilities in Office 365 such as from Outlook or other apps would be similar as explained above.
People with existing access. Choosing this option generates links that can be accessed only by the people who are already collaborators on the file/folder. These collaborators must have been added prior to either using Shared Link for Specific people or Invite People.