We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.
Forum Discussion
Audit file/folder access for large Business / Group Dropbox account
I've taken over management of an organisation with several large business dropbox accounts.
I can see we have a large amount of data that has been shared with external parties, there has been no oversight of this and it would appear that there are some documents that are sensitive that have been shared that shouldn't have been.
I really need to audit the entire tenant, and I will need to do so reasonably regularly going forward, but I can't seem to find the tools to do so.
Other threads on this site suggest that our only option is to use the the command line API tool to script our own audit of Dropbox access? Can you confirm that this is the case?
To be explicit, what I am looking for is to be able to list folders / folder paths and which groups or individual users are able to access that folder, or if some other sharing feature has been used to allow access to those files outside of the immediate users that have primary access to the dropbox tenant.
Are there any tools that allow this for Dropbox?
AustinAtDropboxDropbox Product Manager
Hello,
One additional solution I wanted to call your attention to is the External Sharing Report. You can find this under the Security tab in the Admin Console. From there, you can search files to see what's shared outside of the team and run a more comprehensive report. If you run a report, we'll generate a spreadsheet and place it directly in your Dropbox. It'll include these columns:
This doesn't quite combine "who has access" inside your team and "who has access" outside the team, but it does give a more comprehensive view of what's been shared externally.
I'm a Product Manager working on security tools for teams, so I'd love to hear from you if this helps solve the problem and what else you'd like to see in this space.
Thanks for taking the time to give us feedback!
Austin
Hi Austin,
That looks exactly as I would expect, all the detail I would need to audit existing access and a nice clear consistent format I could use to report on changes and so on.
Happily I quit that job a few months ago so isn't really relevant to me now! If I'm ever back managing a dropbox account though I'll be sure to check in on that feature.
Thanks,
Patrick
You only get a list of files being shared externally. It won't help you with an internal access control audit. Dropbox offers almost nothing in that regard and it is one of its major failings.
- Megan
Dropbox Staff
Hey MrPatrick1, how are you today?
Based on what you described, it's true that an API would be the ideal match, in order to make it work, and fit precisely on your needs.
You can always use Activity in your admin console, which would give you some insights in regards to shared content. And you could then check each individual folder or file, in order to check the members there.
There are multiple things someone can view/create an activity report on there.
However, we don't have a feature that allows you to check if a file or folder has used a different mechanism, in order to be shared outside of the team with any other means.
I hope this clarifies.
Thanks for the reply Megan.
Looks like my first job is migrating from Dropbox then!
