Skyhigh CASB for SharePoint continuously monitors SharePoint accounts for any file activity and processes those documents using Skyhigh CASB DLP policies, an on-premises Enterprise DLP policy engine, or a combination of both.
Skyhigh CASB continuously monitors SharePoint for content changes using APIs from SharePoint (Office365). As employees add/modify files in SharePoint, Skyhigh CASB scans the files according to DLP policies put into place, then quarantines or tombstones documents per DLP policy. Quarantined files can be released or deleted directly from the dashboard. For deployments that use an existing on-premises Enterprise DLP policy engine, the Skyhigh Cloud Connector can be implemented for additional examination by the on-premises DLP solution is sent to the on-premises Skyhigh Cloud Connector.
KNOWN ISSUE: If you are using quarantine response action in the DLP Policies and retention policy is enabled on the SharePoint site, then we can’t delete the file or its contents. To fix the issue, see Skyhigh CASB Known Issues.