Suitebriar Blog

Safeguard Email & Drive Data with Google Workspace Data Loss Prevention (DLP)

Written by Steve Newman | Oct 21, 2022 1:09:13 PM

 

Security is at the top of mind in today's digital world. Whether you build or use applications or you are concerned about user data, how it is handled, and how it is shared - data is everywhere. When talking about data security, there are almost endless topics to cover.

 We'll cover four key topics in our latest series on security & privacy: Protect your Organization’s Security & Privacy with Google Workspace Advanced Security Features. In Part 1, we are focusing on Data Loss Prevention or DLP. 

Data loss prevention capabilities are designed to detect and prevent unauthorized use and transmission of information. DLP is often used to prevent the sharing of sensitive information like social security numbers or banking information. DLP is required in some highly regulated industries but should also be considered even if your organization is not required to implement policies. For example, you can use DLP to prevent data from leaving the organization, or you may just want to audit certain types of content. 

Watch our latest how-to video to learn how you can Safeguard Email & Drive Data with Google Workspace Data Loss Prevention (DLP). 

 

Getting started with DLP for Gmail & Google Drive

In this demonstration, we will utilize Google Workspace DLP for Gmail and DLP for Google Drive. Google Workspace DLP rules give you numerous ways to customize settings based on your specific needs. 

What are content detectors?

Google provides predefined content detectors that can be utilized to find specific content. Social security numbers and driver's license numbers are two example content detectors. Numerous content detectors are available, sourced from all across the world. Google also provides a list of all content detectors, and it is publicly available. With Google Workspace DLP rules, you can look for specific text strings or even use your own regular expression. You can also use a combination of these options in one rule.

How to block the sharing of sensitive data via email.

Also covered in our demonstration is how to create a DLP rule for Gmail that blocks an email if it contains a social security number or other sensitive data types. This rule will block an email from being sent if it contains a social security number. If an end user attempts to send an email that contains sensitive data such as a social security number, the user will receive a message notifying them that the message can not be sent.

How to block the sharing of sensitive data via Drive.

The video also highlights how to create a rule that blocks the external sharing of materials from Google Drive if the file contains a bank account number or other sensitive data types. You’ll see in the video that we leverage a DLP template rule to create this Google Drive rule. Google provides multiple rule templates that simplify rule creation and allow users to designate the specific data they want to block. 

In our example, the rule we created blocks external sharing when financial information is found within a file. The rule will also alert the specified admins when the rule is triggered. If a user does try to share content that contains a bank account number, they will receive a notification letting the user know they can't share the content outside the organization. 

These are just two examples of how to use Google Workspace Data Loss Prevention in Gmail & Google Drive. If your organization uses Google Workspace, we highly recommend implementing DLP policies for sensitive data. As a Google Cloud Partner with a Specialization in Work Transformation, our seasoned team is available to help you implement DLP within your organization. Schedule time with our team here.

Be sure to check back next week for part II in our Security Series: Control Access to Google Apps & Services with Context-Aware-Access (CAA).

Steve Newman Bio: I love sports and technology.  I graduated from the University of Georgia where I was a member of the men’s basketball team.  After college I traveled the world playing basketball.  When my basketball career was over I moved into the technology world. 

I have worked for small early-stage startups and some of the largest companies in the world. I’ve been working in the Google Ecosystem both as a partner and as a Googler for over a decade now.