Data Loss Prevention (DLP) in G Suite Business
All companies want to keep their data secure.Email data loss prevention (DLP) lets you scan your organisation's inbound and outbound email traffic for content, and set up policy-based actions when specified content is detected. Available actions include sending the message to quarantine, rejecting the message, or modifying the message.
DLP uses a set of predefined detectors to evaluate message content. These detectors are available in the Content compliance setting.
If your are a G Suite (Business)Unlimited customer, Data Loss Prevention (DLP) for Gmail will add another layer of protection to prevent sensitive information from being revealed to those who shouldn’t have it.G Suite already helps administrators to manage information security such as encryption, sharing controls, mobile device management, and two-factor authentication.
G Suite DLP Works Process
Domain organisations may have a policy that the particular department should not share customer any secure information such as any credit card externally. To keep this information safe, admins can now easily set up a DLP policy by selecting “Credit Card Numbers” from a library of predefined content detectors. Gmail DLP will automatically check all outgoing emails from the Sales department and take action based on what the admin has specified: either quarantine the email for review, tell users to modify the information, or block the email from being sent and notify the sender.
Emails content for private data, such as credit card details. The tool also looks into objectionable words such as project codes. It's capable of scanning not only text in emails, but also attachments such as documents, presentations and spreadsheets.Admins can also create custom rules with keywords and regular expressions. Also Admin can enable Optical character recognition (OCR) for his domain.
How to set up a DLP rule(Custom)
1. Set the scope
2. Specify conditions to check for
3. Specify the appropriate action
Set the scope
Scope determines which set of users in your organisation the rule applies to.
• Apply the rule to every message and employee
• Apply based on department or organisational unit
• Apply to only outgoing messages
• Apply to recipients to check incoming mail as well
Content detection thresholds controlling
Google is introducing two new detection parameters,for those admins who are seeking refined control over DLP policies:
Count parameter - The count parameter allows customers to set up different DLP policies based on whether a message contains individual or bulk PII. For example, an email containing a single credit card number might be considered a low risk event, while one that contains 100 credit cards is clearly a high risk scenario.
Confidence parameter - The confidence parameter lets the customer tighten or loosen detection criteria for the most commonly used detectors as per their needs.
As mentioned earlier,Available actions for such DLP set rule messages include sending the messages to quarantine, rejecting the messages, or modifying the messages.
Gmail DLP is the first step in a long term investment to bring rule-based security across G Suite. Now Google team is working on bringing DLP to Google Drive early next year 2017, along with other rule-based security systems.