Dropbox data classification

Updated Oct 10, 2023
person icon

Data classification is available to teams on Dropbox Standard who have purchased the Security add-on, and to teams on Dropbox Business Plus, Advanced, or Enterprise. However, this feature is unavailable for some teams with an extremely large number of files. If you see a notification that data classification is unavailable for your team, contact support.


Data classification helps teams stay compliant with corporate and government regulations by allowing admins to automatically track and report on personal information stored in team folders, team member folders and shared folders. This includes credit card, passport, bank account, and social security numbers.

Enable automatic data classification

Admins can enable automatic scanning for personal information. 

highlighter icon

Note: The data classification feature doesn't copy content from files that are identified, or store it in another location. It only labels files to indicate they may contain personal information.

To enable automatic scanning:

  1. Log in to dropbox.com with your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click the More dropdown in the left sidebar.
  4. Click Classification in the left sidebar.
  5. Click the dropdown next to Personal information labeling and select Only scan team content or Member and team content.
  6. Uncheck the box next to any Info types that aren’t relevant.
  7. Click Save.

Information types that can be detected

Automatic data classification is currently supported in the US, Canada, Australia, Germany, France, Japan, Singapore, Sweden, Denmark, Norway, Finland, and the UK.
 

To see a current list of personal information types Dropbox can detect:

  1. Log in to dropbox.com with your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click Classification in the left sidebar.
  4. Browse by location under Info types.

File types that can be scanned

The following file types can be scanned:

.doc

.pdf

.docx

.rtf

.docm

.txt

.ppt

.vtt

.pptx

.gdoc

.pptm

.gsheet

.csv

.gslides

.xls

.paper

.xlsx

.papert

.xlsm

 
highlighter icon

Notes:
  • Dropbox can’t currently scan password-protected files or files over 100 MB.
  • Every classification of personal information is added to the team activity log. 

Learn more about monitoring and managing team activity in the admin console.

Receive and view external sharing alerts

Admins will receive data loss prevention (DLP) alerts via email when files or folders containing sensitive information are shared outside their team.

highlighter icon

Note: External sharing alerts will only be triggered for files and folders inside team folders, not team member folders or shared folders.

The email alert includes:

  • Filename and location
  • Type and severity of the alert
  • Date and time the content was shared 
  • Type(s) of information detected in the shared content
  • Team member who shared the content
  • Recipients of the share

Learn how to turn security alerts on and off.


Admins can check alerts in their admin console and can block access to the affected content, if necessary. 
 

To access all DLP alerts:

  1. Log in to dropbox.com with your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click the dropdown beside Dropbox, under Products.
  4. Click Security.
  5. Click Security alerts.


To remove access to externally shared content:

  1. Open the DLP alert in your email or admin console.
  2. Click Manage access in the top-right corner.
  3. Click the downward arrow next the the recipient’s name and select Remove.

Create a classification report

Admins can create a classification report to see a list of files containing personal information. The report includes:

  • Filename and type
  • File ID
  • File location
  • Type of information detected
  • External sharing status
  • Sharing method
  • Sharing originators
  • Sharing recipients
  • Sharing dates


To create a classification report:

  1. Log in to dropbox.com with your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click the More dropdown in the left sidebar.
  4. Click Classification in the left sidebar.
  5. Click Create report next to Create a report of labelled files.

A .csv file will be generated. You’ll be notified by email when the report is ready to be viewed or downloaded from the Dropbox Business reports folder of your admin account.

highlighter icon

Notes: 

  • The report can’t be created until the initial scanning process is complete.
  • Personal information labeling must be enabled to create a classification report.

Provide feedback on the quality of detection

Admins can provide feedback on data classification, to help improve the accuracy of scanning. 

  1. Log in to dropbox.com with your admin credentials.
  2. Click Admin console in the left sidebar.
  3. Click the dropdown beside Dropbox, under Products.
  4. Click Security.
  5. Click the Security alerts tab.
  6. Find the item you’d like to provide feedback about.
  7. Click on the alert you’d like to send feedback for. 
  8. Click Make this alert better
  9. Answer the questions about the information that was detected.
    • Note: Don’t include sensitive or personal information with your comments.
  10. Enter additional details, if you'd like.
  11. If you’d like to give Dropbox permission to contact you, click the checkbox next to Dropbox can contact me about my feedback.
  1. Open a Classification report in the Dropbox Business reports folder of your admin account.
  2. Find the item you’d like to provide feedback about.
  3. Click the link in the column labeled Send feedback about PII or personal data.
  4. Answer the questions about the information that was detected.
  5. Enter additional details, if you'd like.
    • Note: Don’t include sensitive or personal information with your comments.
  6. If you’d like to give Dropbox permission to contact you, click the checkbox next to Dropbox can contact me about my feedback.
  7. Click Send.
highlighter icon

Notes:

  • If you agree to let Dropbox contact you about your feedback, someone from Dropbox may contact you by email for more details and information.
  • Dropbox won't view the contents of the affected files without explicit permission.

Accuracy of detection

The data classification feature makes predictions of personal information based on probabilities. These predictions can be subjective and may not be 100% accurate.

Team member files

If you’re a member of a Dropbox team with data classification enabled by an admin, Dropbox will scan your team's files for personal information. This process includes assigning certain attributes to files to help your admin better manage sensitive data in your team’s account. If your team disbands and you continue using Dropbox, files that were once part of your team’s account may retain attributes assigned during the data classification process.

Was this article helpful?

Let us know how why it didn't help:

Thanks for letting us know!

Thanks for your feedback!

Related Articles

Change admin rights

Admins

If you're the team admin of a Dropbox team account, you can make other team members admins, too. Find out how here.

View article

Customize Dropbox team security settings

Admins

Keeping your organization's information safe is our top priority. Learn more about how to customize security to meet your business needs.

View article

Dropbox Paper: admin settings for Dropbox teams

Admins

Effortlessly create, share, and keep your team on the same page with the added benefit of admin controls to protect your business. Learn more here.

View article

Dropbox security alerts

Admins

Get email notifications if suspicious behavior or potential data leaks are detected in your Dropbox team account. See how to view alerts and take action.

View article

Other ways to get help

Icon depicting two people
Community
Twitter Icon
X
Icon depicting a speech bubble
Contact support