Dropbox data classification

Data classification helps teams stay compliant with corporate and government regulations by allowing admins to automatically track and report on personal information stored in team folders, team member folders, and shared folders, such as credit card, passport, bank account, and social security numbers.

Enable automatic data classification

Admins can enable automatic scanning for personal information. 

Note: The data classification feature does not copy content from files that are identified, or store it in another location. It only labels files to indicate they may contain personal information.

To enable automatic scanning:

1. Sign in to dropbox.com with your admin credentials.
2. Click Admin console in the left sidebar.
3. Click Classification in the left sidebar.
4. Click the dropdown next to Personal information labeling and select Only scan team content or Member and team content.
5. Click Save.

Information types than can be detected

Automatic data classification is currently supported in the US, Canada, Australia, Germany, France, Japan, and the UK.

To see a current list of personal information types Dropbox can detect:

1. Sign in to dropbox.com with your admin credentials.
2. Click Admin console in the left sidebar.
3. Click Classification in the left sidebar.
4. Browse by location under Info types.

Files types that can be scanned

The following file types can be scanned:

.doc

.docx

.docm

.ppt

.pptx

.pptm

.csv

.xls

.xlsx

.xlsm

.pdf

.rtf

.txt

.vtt

.gdoc

.gsheet

.gslides

.paper

.papert

Notes:

• Dropbox can’t currently scan password-protected files or files over 100MB.
• Every classification of personal information is added to the team activity log. 

• Learn more about monitoring and managing team activity in the admin console.

Receive and view external sharing alerts

Admins will receive data loss prevention (DLP) alerts via email when files or folders containing sensitive information are shared outside their team. 

Note: External sharing alerts will only be triggered for files and folders inside team folders, not team member folders or shared folders.

The email alert includes:

• Filename and location
• Type and severity of the alert
• Date and time the content was shared 
• Type(s) of information detected in the shared content
• Team member who shared the content
• Recipients of the share

Learn how to turn security alerts on and off.

Admins can monitor alerts in their admin console and can block access to the affected content, if necessary. 

To access all DLP alerts:

1. Sign in to dropbox.com with your admin credentials.
2. Click Admin console in the left sidebar.
3. Click Security in the left sidebar.
4. Click Alerts in the left sidebar.

To remove access to externally shared content:

1. Open the DLP alert in your email or admin console.
2. Click Manage access in the top-right corner.
3. Click the downward arrow next the the recipient’s name and select Remove.

Create a Classification report

Admins can create a Classification report, to see a list of files containing personal information. The report includes:

• Filename and type
• File ID
• File location
• Type of information detected
• External sharing status
• Sharing method
• Sharing originators
• Sharing recipients
• Sharing dates

To create a Classification report:

1. Sign in to dropbox.com with your admin credentials.
2. Click Admin console in the left sidebar.
3. Click Classification in the left sidebar.
4. Click Create report next to Create a report of labelled files.

A .csv file will be generated. You’ll be notified by email when the report is ready to be viewed or downloaded from the “Dropbox Business reports” folder of your admin account.

Note: The report can’t be created until the initial scanning process is complete.

Provide feedback on the quality of detection

Admins can provide feedback on data classification, to help improve the accuracy of scanning. 

On dropbox.com

1. Sign in to dropbox.com with your admin credentials.
2. Click Admin console in the left sidebar.
3. Click Security in the left sidebar.
4. Click Alerts in the left sidebar.
5. Find the item you’d like to provide feedback about.
6. Click Send feedback in the right sidebar.
7. Answer the questions about the information that was detected.
   
   • Note: Don’t include sensitive or personal information with your comments.
8. Enter additional details, if you'd like.
9. If you’d like to give Dropbox permission to contact you, click the checkbox next to Dropbox can contact me about my feedback.

 

From a Classification report

1. Open a Classification report in the “Dropbox Business reports” folder of your admin account.
2. Find the item you’d like to provide feedback about.
3. Click the link in the column labeled Send feedback about PII.
4. Answer the questions about the information that was detected.
5. Enter additional details, if you'd like.
   
   • Note: Don’t include sensitive or personal information with your comments.
6. If you’d like to give Dropbox permission to contact you, click the checkbox next to Dropbox can contact me about my feedback.
7. Click Send.

Notes:

• If you agree to let Dropbox contact you about your feedback, someone from Dropbox may contact you by email for more details and information.
• Dropbox will not view the contents of the affected files without explicit permission.

Accuracy of detection

The data classification feature makes predictions of personal information based on probabilities. These predictions can be subjective and may not be 100% accurate.

Team member files

If you’re a member of a Dropbox team with data classification enabled by an admin, Dropbox will scan your team's files for personal information. This process includes assigning certain attributes to files to help your admin better manage sensitive data in your team’s account. If your team disbands and you continue using Dropbox, files that were once part of your team’s account may retain attributes assigned during the data classification process.