Skip to main content

How to Prevent Data Leakage and Risky File Sharing by Enabling CASB on Zenarmor

Published on:
.
8 min read
.
For German Version

In today's digital landscape, organizations are increasingly relying on cloud-based applications for storage, collaboration, and communication. While these tools bring undeniable productivity benefits, they introduce significant risks in terms of data security and compliance. One of the primary concerns is the potential for data leakage especially through unauthorized or careless file sharing on cloud platforms.

Employees often use services like Google Drive, Dropbox, or WeTransfer to share files quickly, sometimes bypassing official IT policies. This behavior, although convenient, can lead to the unintentional exposure of sensitive corporate information. To effectively mitigate such risks, organizations must adopt modern security tools capable of providing visibility and control over data transfers in the cloud.

A Cloud Access Security Broker (CASB) serves this exact purpose. By acting as a policy enforcement point between users and cloud services, CASB solutions can monitor activities, enforce access policies, and prevent data exfiltration.

In this guide, we’ll walk through how to enable CASB on Zenarmor, a powerful network security solution, to block file upload operations across various cloud applications. This approach offers a proactive strategy for preventing data leakage and ensuring secure cloud usage.

What is CASB?

A Cloud Access Security Broker (CASB) is a security solution that sits between users and cloud service providers. Its primary role is to ensure that the organization’s security policies are consistently enforced when users access cloud-based applications and services.

Think of CASB as a traffic controller for cloud usage: it observes all the data that flows to and from cloud platforms, analyzes it for risk, and applies rules to control or block certain activities. In summary, CASBs give businesses the control they need to use cloud services safely, without compromising security or compliance.

Why Use Zenarmor for CASB?

Zenarmor builds on CASB's core functionalities by offering powerful network-level enforcement tools and real-time monitoring. While traditional CASB solutions often operate at the application layer, Zenarmor enhances this by inspecting traffic at the network layer, allowing for broader visibility and control.

This makes Zenarmor especially effective for organizations looking to implement granular control over cloud services, particularly in environments where employees may use unsanctioned applications (shadow IT). Zenarmor can detect and block these services even when users try to bypass traditional methods. With Zenarmor, organizations can accomplish the following capabilities.

  • Monitor and analyze cloud traffic in real-time, identifying anomalies and risky behaviors.

  • Block file uploads to unauthorized or non-compliant services (e.g., blocking uploads to personal Dropbox or Google Drive accounts).

  • Enforce security policies consistently, even on encrypted connections (with DPI enabled).

  • Maintain logs and reports for auditing and compliance purposes.

By combining CASB capabilities with Zenarmor’s network-level intelligence, organizations can secure cloud usage without disrupting productivity.

Figure 1. Zenarmor's Cloud Security Capabilities

Blocking File Uploads Across Cloud Applications to Prevent Data Leakage

In Zenarmor, you can block specific actions within each cloud application rather than disabling the entire service. This allows organizations to maintain productivity while controlling risky behaviors such as file uploads.

To start using CASB features effectively, it's essential to first enable Full TLS Inspection. This allows Zenarmor to inspect encrypted traffic (like HTTPS) and apply policy controls accordingly.

After installing Zenarmor on your BSD-based or Linux-based gateway and completing the initial configuration, you can easily block threats and protect your users by following these steps.

1. Enabling Full TLS Inspection

For the Cloud Application/Access Security Broker (CASB) functionality to operate effectively, Full TLS Inspection must be enabled for the applied security policy. Without TLS decryption and re-encryption, Zenarmor cannot inspect encrypted traffic, which limits its ability to detect and block file uploads in services like Google Drive, LinkedIn, or Instagram.

Figure 2. Enable TLS Inspection

To enable Full TLS Inspection:

  1. Log in to the Zenarmor Dashboard.

  2. Navigate to the Policies page on your Zenarmor node.

    Figure 3. Policies Page

  3. Click on the policy name (e.g., Default) to open the policy configuration window.

    Figure 4. Default Policy Details

  4. Navigate to the TLS Controls tab within your Zenarmor policy configuration.

    Figure 5. TLS Controls Page

  5. Enable the option Enable Full TLS Inspection (TLS decrypt/re-encrypt) for this policy.

  6. Confirm and Apply Changes.

    Figure 6. Enable Full TLS Inspection

Additionally, for TLS Inspection to function correctly on client devices, you must install the Zenarmor-generated CA certificate on each endpoint machine. Without this step, HTTPS traffic may be flagged as insecure or fail to load in browsers. Zenarmor provides official guidance for deploying the certificate to different platforms.

note

TLS Inspection allows Zenarmor to decrypt HTTPS traffic, apply security policies, and re-encrypt the data before forwarding it to the destination. Be aware of legal and compliance considerations when inspecting user traffic, as some jurisdictions may require consent.

2. Block File Upload Actions for Cloud Applications

In this section, you’ll learn how to configure Zenarmor policies to block file upload actions for specific cloud applications. This allows you to prevent data leakage without disabling the entire service.

  1. Log in to the Zenarmor Dashboard.

  2. Navigate to the Policies page on your Zenarmor node.

  3. Click on the policy name, such as Default, that you want to configure. This will open the policy configuration window on the right side of the page.

  4. Navigate to the Cloud Access tab within your Zenarmor policy configuration.

    Figure 7. Default Policy – Cloud Access

  5. Find the target cloud application (e.g., Facebook, Instagram, Linkedin, Yahoo etc.).

  6. Click the arrow next to the application name to expand the list of specific actions.

  7. Locate actions related to file upload (e.g., Upload File, File Upload for Post, Add Document Media, Mail Attach File).

  8. Use the toggle button to switch the action status from Allowed to Blocked.

    Figure 8. Block File Upload Actions for Facebook

    Figure 9. Block File Upload Actions for Instagram, LinkedIn, and Notion

    Figure 10. Block Mail Attach File Action for Yahoo

  9. Click Apply Changes to activate your policy.

tip

Blocking only the file upload actions helps reduce data leakage risks without completely disabling access to the application for legitimate business use.

3. Testing and Validating Blocked Uploads

After applying your policies, test them to confirm that file uploads are being successfully blocked. To ensure that the policy is working, attempt to upload a file to a blocked service. If the file upload is prevented, the configuration is successful.

Testing Facebook File Upload Blocking

This test verifies whether Zenarmor successfully blocks file uploads on Facebook, preventing users from sharing images or files through posts.

  1. On a test machine (such as a VM in your lab environment), open a web browser.

  2. Attempt to perform file upload actions on Facebook.

  3. Observe whether the browser displays a security warning or prevents the upload from proceeding—this indicates that the policy is active. When attempting to upload an image to Facebook, the file is visibly rejected with an error message such as: "Oops! Your file can't be uploaded."

    Figure 11. The Upload for Facebook was Blocked

  4. Check Live Sessions to confirm that the file upload traffic is successfully being denied.

  5. By selecting the magnifying glass icon, you can access more comprehensive details.

    Figure 12. Viewing Live Sessions for Facebook

    Figure 13. Viewing Live Sessions Details

Testing Linkedin File Upload Blocking

This section demonstrates how Zenarmor blocks document uploads on LinkedIn, helping organizations prevent sensitive file sharing via social media posts.

  1. Try to share a document via a post on LinkedIn. If blocked, an error such as the following will appear: "Sorry, something went wrong. Remove and try again."

    Figure 14. The Upload for LinkedIn was Blocked

  2. Open Live Sessions and look for traffic to LinkedIn.

  3. Click the magnifying glass icon to confirm the blocked action.

    Figure 15. Viewing Live Sessions for LinkedIn

    Figure 16. Action Details From Session

Testing Instagram File Upload Blocking

This test confirms whether Zenarmor policies are effective in blocking media uploads on Instagram, which could otherwise lead to unintentional data exposure.

  1. Attempt to upload a photo or video on Instagram.

  2. Open Live Sessions to verify that the upload traffic was denied.

  3. Use the magnifying glass icon to inspect session details.

    Figure 17. The Upload for Instagram Was Blocked

    Figure 18. Action Details From Session

Testing Notion Share Blocking

This example shows how Zenarmor detects and blocks file-sharing attempts in collaboration tools like Notion.

  1. Attempt to share content in Notion.

  2. Check Live Sessions to see if the action was denied.

  3. Inspect session details for confirmation.

    Figure 19. Viewing Live Sessions for Notion

    Figure 20. Action Details From Session

Testing Yahoo Mail Attach File Blocking

This test ensures that Zenarmor blocks file attachments in Yahoo Mail, reducing the risk of data leakage through email.

  1. Compose a new email in Yahoo Mail and try to attach a file.

  2. If the file is blocked, verify the action in Live Sessions.

  3. Click the magnifying glass to view action details.

    Figure 21. Live Sessions View for Yahoo Mail File Attachment

    Figure 21. Action Details From Session

Conclusion

Enabling CASB on Zenarmor is a critical step in preventing data leakage and securing cloud-based operations. By blocking file uploads to unauthorized cloud applications, organizations can significantly reduce the risk of sensitive data exposure. Regular updates and monitoring are essential to maintaining a secure cloud environment.

For further assistance or to request support for additional applications, please contact Zenarmor support.

Last updated on by Zenarmor