Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here

Skyhigh Security

DLP Collaboration Use Cases for Zoom

Supported Features 

Skyhigh CASB for Zoom supports these features for the DLP collaboration of users:

  • Identify and remove sensitive content shared with 1:1 or 1: many chats.
  • Identify and remove sensitive content shared in specific teams/channels.
  • Identify sensitive content posted in conversation with internal users and remove the content.
  • Identify sensitive content posted in conversation with internal users and revoke collaboration

NOTE: If you want to revoke collaboration with External Collaborators in multi-chat then that is not supported as there are no relevant Zoom APIs for it. We have to explore a workaround to support it in future releases.

Identify and Remove Sensitive Content Shared With 1:1 or 1: Many Chats

Skyhigh CASB for Zoom allows security admins to define the DLP policies to monitor and remove sensitive data posted in channels. Messages or files posted in the regular channels that are in 1:1 or 1: many chat conversations are monitored and deleted.

For example, say your organization has the domain myorg.com. Some of the teams in the 'MyOrg' Zoom tenant having multiple channels supporting 1:1 and 1: many chats. So the organization wants to detect and remove any sensitive data such as credit card numbers posted in that channels. 

To identify and remove the sensitive content posted in channels, define the DLP policy for Zoom in the Skyhigh CASB as described.

Rule Group 

For the DLP Policy, create the File Path/Folder ID associated with the Rule Group to identify the sensitive data.

To create a File Path/Folder ID policy:

  1. Go to Policy > DLP Policies
  2. Click Actions > Create New Policy
  3. The Create a DLP Policy Wizard is displayed. On the Description page, enter the following details and click Next.
    • Name. Enter the name of the policy.
    • Services. Select Service instance as Zoom.
      clipboard_ecc0b47167a270ada8d5ed508fbd78eec.png
  4. On the Rules & Exceptions page, configure the following and click Next.
    • Select File Path/Folder ID and enter the list of internal team names.
    • Select any options such as Data IdentifierKeywordRegular Expression.
    • Select the required Severity from the menu. 
      clipboard_e61eceeace9fc12486c45ab30103744b6.png

Response Action  

To add a response action to a policy:

  1. On the Responses page, select Delete to remove the sensitive data and click Next.
    clipboard_e4709d47df162bd02a5cd0f2a0df6c152.png
  2. Review your changes and click Save.

Identify and Remove Sensitive Content Shared in Specific Teams / Channels 

Zoom dedicates channels within a team to keep conversations organized by specific topics, projects, disciplines, etc. To create a channel, you must create a Team Name, then add the channels to it.  Skyhigh CASB for Zoom allow security admins to define the DLP policies to monitor and remove the sensitive content shared in any specific teams /channels.

For example,  say you are sharing sensitive content such as credit card details in the teams name external.team1 and the associated channels with that team such as Channel 1 and Channel 2  also receive the same sensitive information. To remove the sensitive content from that specific team/ channels, define the DLP policy for Zoom in the Skyhigh CASB as described.

Rule Group  

For the DLP Policy, create the File Path/Folder ID associated with the Rule Group to identify the sensitive data.

To create a File Path/Folder ID policy:

  1. Go to Policy > DLP Policies
  2. Click Actions > Create New Policy
  3. The Create a DLP Policy Wizard is displayed. On the Description page, enter the following details and click Next.
    • Name. Enter the name of the policy.
    • Services. Select Service instance as Zoom.
      clipboard_ecc0b47167a270ada8d5ed508fbd78eec.png
  4. On the Rules & Exceptions page, configure the following and click Next.
    • Select File Path/Folder ID and enter the list of internal channel names.
    • Select any options such as Data IdentifierKeywordRegular Expression.
    • Select the required Severity from the menu. 
      clipboard_e61eceeace9fc12486c45ab30103744b6.png

Response Action  

To add a response action to a policy:

  1. On the Responses page, select Delete to remove the sensitive data and click Next.
    clipboard_e4709d47df162bd02a5cd0f2a0df6c152.png
  2. Review your changes and click Save.
  • Was this article helpful?