Netskope Help

File Sharing Exposure

Cloud storage and file sharing SaaS apps bring several advantages to enterprises because of convenience and scale. However, when not managed properly, file sharing can have serious implications with respect to data security. File sharing is a necessity for today’s enterprises, as staff and business partners become increasingly globalized and need access to files and documents for efficient productivity and collaboration. However, to avoid data leaks, enterprises should take corrective steps toward achieving file sharing security.

Netskope's API Data Protection protects against data loss and theft due to file sharing. API Data Protection supports various file sharing exposure for SaaS apps. Here is a definition of various file sharing options:

  • Private: A file not shared with anyone.

  • Public: A file that is shared or open to public. There are two types of public share:

    • Public (Unlisted): A file shared via a link such that anyone can access the file with a link.

    • Public (Indexed): A file shared on the web such that anyone can access the file with a link or by searching the file on the internet.

  • Shared internally: A file shared specifically with users within the same sub-domain of the organization.

  • Shared externally: A file shared specifically with users outside the organization.

  • Enterprise shared: A file shared specifically with users in different sub-domains of the same organization.

    Note

    In Office 365 OneDrive and SharePoint, there are two types of enterprise share; everyone and everyone except external users. The table below describes the file sharing exposure for both types of enterprise share.

    Enterprise Share Type

    Shared With

    Files Sharing Exposure

    Everyone

    Office 365 enterprise and external users

    External

    Everyone except external users

    Office 365 enterprise users

    Internal

  • Anyone at enterprise with a link: A file shared via a link such that any user in a different sub-domain of the same organization can access the file.

  • Cross-geo: A file shared between geo locations in an Office 365 multi-geo environment.

The table below lists the file sharing options supported by various SaaS apps:

Apps/File Sharing Exposure

Private

Public

Shared Internally

Shared Externally

Enterprise Shared

Anyone at Enterprise with a Link

Cross-geo

Box

X

X

X

X

-

-

-

Cisco Webex Teams

X

-

X

X

X

-

-

Dropbox

X

X

X

X

-

-

-

Egnyte

X

X

X

-

-

-

-

Google Drive#

X

X

X

X

X

X

-

Microsoft OneDrive

X

X

X

X

X

X

X

Microsoft SharePoint

X

X

X

X

X

X

X

Microsoft Teams

X~

-

X

X

-

-

-

Salesforce

X

X

X

-

-

-

-

Slack

X

X*

X

X

-

-

-

Slack Enterprise

X

X*

X

X

-

-

-

Workplace by Facebook

-

-

X

X

-

-

-

# In Google Drive, files can be shared directly or by a link among internal, external, or public users. Based on the sharing type, Netskope displays the exposure of the file on the dashboard. However, if the Google administrator restricts sharing outside the organization from the Google Admin Console (admin.google.com), this setting is not updated in the API response, and consequently, in the file exposure. For such a case, even if the Netskope dashboard displays the file exposure as public, public on the web, anyone with a link, or externally shared, the file may not be accessible to users outside the organization.

~ The private file sharing exposure applies to direct messaging only. Channels are not supported.

* The public file sharing exposure applies to files only. Messages are not supported.