How to use Policies in Dropbox Dash

Updated Oct 21, 2025

In this article

person icon

The information in this article applies to admins on Dropbox Dash.

Policies in Protect and Control help admins automatically detect and fix potential data risks across their organization. They run daily scans for conditions like files with open links, externally shared content, or inactive accounts.

How to use Policies

There are two ways to use policies after you’ve set up your requirements:

  • Send an alert: Sends admins an email every 24 hours at 8:00 UTC that summarizes matching policies that need manual review.
  • Automatically fix it: Performs automatic fixes daily on matching items at 8:00 UTC, with changes logged in Action history.
    • Depending on the size of your organization, automatic fixes can take a few hours to complete.

How to access Policies

  1. Log in to dash.ai using your admin credentials.
  2. Click your avatar (profile picture or initials) in the bottom-left corner.
  3. Select Admin console from the dropdown menu. The Admin console opens with the Dash section already expanded, and you'll see Settings under Products → Dash.
  4. Click Policies under the Dash section in the left sidebar.
  1. Log in to dropbox.com using your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click Dash under the Products section to expand it.
  4. Click Policies.

How to manage policy requirements

There are 14 policy cards that can be edited and customized.

  1. Click Set up on an inactive policy card or the gear icon on an active policy card.
  2. Give your policy a unique name.
  3. Click Edit mode.
  4. Set all the applicable filters.
  5. Click Save and close.
  6. Select if you want to Send an alert or Automatically fix it.
  7. Type CONFIRM.
  8. Click Activate on an inactive policy card or Update on an active policy card.

You can also edit an existing policy while reviewing the policy matches. Use the filters in the left side panel to preview what the matches will look like with the changes.

Be sure to click Edit when you’re ready to make changes and Save and close when you’re done.

highlighter icon

Notes:

  • Policies must have unique filter selections.
  • If you update an existing policy, the policy matches will stay in the queue, and the next run at 8:00 UTC will reflect the changes. 

What automatic fixes are available

Each policy card has a set automatic fix and can’t be changed.

Number of cards Action
1 Remove collaborator: All external accounts
3 Remove link type: Public
3 Remove link type: Company
3 Remove collaborator: All outside accounts
4 Remove collaborator: All personal accounts
magic wand icon

Tip: You can see the automatic fixes in Action history. To see only automatic fixes, enter “policy-automation” in the Actor filter. You can refine your results by adding additional filters.

How Alerts work

Every 24 hours at 8:00 UTC, an email summarizing policy matches that need manual review is sent to admins. The email also has a link to review the matches, and identifies who created the alert.

highlighter icon

Notes:

How to review and take action on policy matches

You can view policy matches by clicking View matches in the alert email or the matches on the policy card. From there, you can manually take action on the matches individually or in bulk.

  1. Select the matches you want to action on.
  2. Click the action you want to take:
    • Add link type
    • Remove link type
    • Add collaborator
    • Remove collaborator
    • Stop sharing
    • Delete
  3. If applicable, select the action or enter the collaborator.
  4. Type CONFIRM.
  5. Click the action button.

How to deactivate a policy

  1. Click the gear icon on an active policy card.
  2. Scroll to the bottom of the policy card.
  3. Type CONFIRM.
  4. Click Deactivate in the bottom left of the policy card.
  5. Then click Deactivate again in the pop-up. 
highlighter icon

Note: When a policy is deactivated, alerting and automatic fixes will continue until the start of the next cycle at 8:00 UTC. Policy matches will stay in the queue after deactivation.

FAQs about Policies in Dropbox Dash

Why don’t I see any policy matches?

You’ll only see policy matches when all the requirements are met. Policies trigger alerts or automations only after every condition is satisfied.

Can I change when the policy runs?

Policies run automatically once per day at 8:00 UTC and can’t be modified.

Can I stop or undo fixes once they start?

Actions already queued will complete and appear in Action history. They can’t be stopped or undone.

Can I edit or delete an action that already ran?

Actions are permanently logged in Action history for visibility and auditing and can’t be modified. 

Can I get alerts through Slack?

Currently, alerts are only sent through email. 

Was this article helpful?

Let us know how why it didn't help:

Thanks for letting us know!

Thanks for your feedback!

Related Articles

Data storage

Digital Services Act (DSA) Information

Dropbox incident response policies and procedures

Dropbox Terms of Service and Privacy Policy updates

Community answers

Other ways to get help

Icon depicting two people
Community
Twitter Icon
X
Icon depicting a speech bubble
Contact support