In the cloud, as in life, sometimes we want to share:

And sometimes we don't:

Fortunately, a CASB like Bitglass makes control over cloud sharing simple (sorry, no built-in controls for wagon sharing). Let's take a look at how quickly and easily we can control unwanted external file sharing in Office 365's OneDrive. For this example, we'll quarantine any external or public shares from our Sales team that include social security numbers or credit card numbers.

First, we add the Office 365 app from the cloud application catalog. In this case, we have already configured "access" policies, which leverage our hybrid proxy architecture for real-time data protection from both managed and unmanaged devices. To capture data-at-rest and external sharing, we'll add a "cloud" policy. 

For this policy, we choose to selectively scan only our Sales organization.

We'll then choose two patterns from Bitglass' library of pre-defined Cloud DLP objects (you might choose to create your own objects), and match those with "external" or "public"shares. 

Finally, choose the action we want to take on files matching the policy. In this case, we'll quarantine for further investigation before either whitelisting or blocking the share.

That's it! If only childhood were this simple...