The 25 Dropbox security checks Black Cat runs
Black Cat SSPM evaluates 25 security policies against your Dropbox configuration on every scan, classifies each finding by risk, and provides remediation steps. Below is the full list, grouped by category.
access control
Restrict Dropbox group creation to administrators only
Reduce the number of Dropbox admin users to the minimum necessary
Remove or suspend Dropbox member accounts that have been inactive for over 90 days
Revoke or resend Dropbox team invitations that have been pending for over 30 days
Ensure all active Dropbox members have verified email addresses
Ensure Dropbox admin accounts have verified email addresses to prevent account compromise
Convert user-managed Dropbox groups to company-managed to ensure admin oversight of membership
Revoke Dropbox mobile sessions that have been inactive for over 90 days
Review and clean up excessive pending Dropbox team invitations
Review suspended Dropbox members and remove them to free licenses and reduce risk
app governance
Review and revoke Dropbox connected apps that have full account access instead of a sandboxed app folder
Review and remove unnecessary Dropbox connected apps for members with excessive integrations
audit
Enable the Dropbox Office Add-in to allow users to save Microsoft Office files directly to Dropbox
Remove suspended Dropbox member accounts to free licenses and prevent accidental reactivation
configuration
Remove empty Dropbox groups that have no members to reduce clutter
Review archived Dropbox team folders and permanently delete them if no longer needed
data protection
Change the default shared link policy to restrict links to team members only
Restrict shared folder membership to Dropbox team members only
Restrict team members from joining shared folders outside the team
Configure the shared folder link restriction policy to prevent unrestricted external access
device trust
Enable and enforce Enterprise Mobility Management (EMM) to ensure only managed devices access Dropbox
Revoke Dropbox web sessions that have been inactive for over 30 days
Revoke Dropbox desktop client sessions that have been inactive for over 90 days
Revoke excess Dropbox device sessions for members with more than the recommended maximum
sharing
Disable the Dropbox suggest members feature to prevent unauthorized team invitation suggestions