How to set up Drive DLP in Google Workspace



Protecting sensitive data is no longer a “nice-to-have” for businesses; it’s a critical necessity. With new data breaches reported almost every day and stringent regulatory compliance requirements, organizations must proactively defend their valuable information.

One of the most effective ways to do this is by leveraging Data Loss Prevention (DLP) for your file-sharing environment. Imagine preventing the accidental or malicious sharing of confidential financial records, proprietary intellectual property, or sensitive customer data with just a few clicks. This guide will walk you through setting up Drive DLP, empowering you to take control of your data security and ensure peace of mind.

Getting started: Enable Data scanning and report in the Google Admin Console

Before diving into rule creation, ensure data scanning and reporting are enabled. This allows you to monitor DLP detectors and gain valuable insights.

Data protection in Google Admin Console

Step 1. Access the Google Admin Console: Log in using your administrator account.

Step 2. Navigate to Security > Data Protection

Step 3. Enable Data Scanning and Reporting: At the bottom of the page, enable the Data scanning and report setting to have your DLP detectors reported in the Data Protection Insights Dashboards (see screenshot below). We recommend you keep this setting ON for audit and compliance purposes.

Understanding DLP detectors, rules, and actions 

DLP operates through a system of detectors, rules, and actions:

  • Detectors: Identify sensitive content (e.g., credit card numbers, keywords).
  • Rules: Define when and where detectors are applied.
  • Actions: Determine what happens when sensitive content is detected (e.g., alerts, blocking).

Data loss protection actions flow

Creating custom detectors

  • Click Manage Detectors > Add detector
  • Select Regular expression or a Wordlist (depending on your needs)
  • Name and configure the custom detector

Creating DLP rules

  • Go to Manage rules > Add rule
  • Select New rule or New rule from template
  • Name and define the Scope of your scans (OUs and groups)
  • Determine the Triggers of events and set Conditions to define sensitive content as refinement steps.
  • Determine the Appropriate Actions (Alert, Action, Severity)
  • Review – Finally, review the rule and choose whether to activate it. Once you confirm, the rule is created.

Examples of DLP rules for Google Drive

    Although Google has made it easy to implement DLP rules through default detectors and templates, organizations are able to create their own custom rules and detectors. We will cover an example of each DLP configuration below.

    1. Protect Credit Card Numbers with default detectors

    Adding a new rule in Google Workspace for DLP

    Step 1: Enter Google Admin Console

    Step 2: Access Security > Data Protection > Manage Rule

    Step 3: Click Add Rule > New Rule

    Select the scope of the rule to apply DLP settings to organizational units

    Step 4: Add the name and description for the rule

    Step 5: Select the scope of the rule (see screenshot)

    Add specific conditions to define sensitive content in Google Workspace

    Step 6: Check the File Modified box and add/select:

      • Field – All content
      • Value – Matches default detector
      • Default detector – Global – Credit card number
      • Likelihood Threshold – Possible
      • Minimum unique matches – 1
      • Minimum match count – 1

    Select the actions and alerts to enforce in Google Workspace

    Step 7: Select the Action and the Alerts you want to enforce

    Create a DLP rule in Google Workspace

    Step 8: Review and Create Rule

    2. Use template to prevent financial information sharing

    Add a rule in Google Workspace settings for DLP

    Step 1: Enter Google Admin Console

    Step 2: Access Security > Data Protection > Manage Rule

    Step 3: Click Add Rule > New rule from template

    Select a template to prevent financial information sharing

    Step 4: Select the template “Prevent financial information sharing”

    Step 5: Select the scope of the rule

    Step 6: Review the conditions and create the DLP rule

    3. Protect files containing sensitive keywords (custom detectors)

    Add keywords for a custom detector in Google Workspace

    Step 1: Enter Google Admin Console

    Step 2: Access Security > Data Protection > Manage Detectors

    Step 3: Click Add Detector and select Wordlist

    Step 4: Fill out name, description and keywords (see screenshot)

    Step 5: Click Manage Rules > New rule

    Step 6: Repeat the same process as described in examples 1 and 2.
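A local pre-test for the custom detectors and match thresholds described in examples 1 and 3, added here as an illustration (it is not Google's implementation and not code from the original guide). The PRJ-###### pattern, the wordlist terms and the sample documents are constructed, and the counting semantics (case-insensitive whole-word wordlist matching; unique matches = distinct matched strings) are assumptions that approximate the Admin Console conditions.

```python
import re

# Hypothetical custom detectors, constructed for this example.
PROJECT_CODE = re.compile(r"\bPRJ-\d{6}\b")        # "Regular expression" detector
WORDLIST = ["internal only", "merger", "payroll"]  # "Wordlist" detector


def regex_matches(text):
    """All project-code matches, duplicates included."""
    return PROJECT_CODE.findall(text)


def wordlist_matches(text):
    """Assumed semantics: case-insensitive, complete words/phrases only."""
    hits = []
    for term in WORDLIST:
        pattern = r"(?<!\w)" + re.escape(term) + r"(?!\w)"
        hits += [m.lower() for m in re.findall(pattern, text, re.IGNORECASE)]
    return hits


def condition_met(matches, min_unique=1, min_count=1):
    """Approximate 'Minimum unique matches' and 'Minimum match count'."""
    return len(set(matches)) >= min_unique and len(matches) >= min_count


def evaluate(samples, detector, min_unique=1, min_count=1):
    """Return {name: (match_count, unique_matches, triggered)} per sample."""
    report = {}
    for name, text in samples.items():
        found = detector(text)
        report[name] = (len(found), len(set(found)),
                        condition_met(found, min_unique, min_count))
    return report


# Constructed sample documents covering should-match and should-not-match cases.
SAMPLES = {
    "budget.txt": "Costs for PRJ-104233 and PRJ-104233 roll into PRJ-220918. "
                  "Payroll attached.",
    "newsletter.txt": "The PRJ-12 launch party is Friday. Mergers of calendars welcome.",
    "memo.txt": "INTERNAL ONLY: merger timeline for PRJ-000417.",
}

if __name__ == "__main__":
    for label, det in (("regex", regex_matches), ("wordlist", wordlist_matches)):
        for name, row in evaluate(SAMPLES, det).items():
            print(f"{label:8} {name:15} count/unique/triggered = {row}")
```

Raising `min_unique` or `min_count` shows how the thresholds trade false positives (a single stray match) against missed documents; confirm the final behaviour against the same samples in the Admin Console before activating the rule.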

    Pro tip!

    • Use the Investigation Tool to view and review the performance of your DLP events and rules (Enterprise only)
    • Use the Alert center to get a summary of the DLP alerts you have configured.

    Secure your Google Workspace today

    You can start your free trial today and gain insight into your file-sharing footprint. (Please note that you must have admin rights to your Google Workspace tenant.)

    Don’t leave your sensitive data vulnerable. Implement Drive DLP and consider enhancing it with marketplace solutions to create a robust data security strategy. Choose the option that best suits your needs, and start securing your Google Workspace today!


