for Work

INTRODUCING

Google Data Loss Prevention for work

Data loss prevention made easy We all care about keeping our data safe and private. Google DLP keeps sensitive data from slipping out of your organization.

PII

Google Apps for Work helps admins manage security needs across all information with features like encryption, audit reports, sharing controls, mobile management, and two-factor authentication. Data Loss Prevention (DLP) adds another layer of protection to prevent sensitive or private information from leaking outside of an organization. Gmail DLP is a tool that enables rules to prevent people from either accidently or maliciously sending confidential data and is the first step in a long term investment to bring rule based security across Google Apps. We’re working on bringing DLP to Google Drive in 2016, along with other rule based security systems.

Why is Gmail DLP important? Email is the main way people communicate at work. In fact, In 2015 over 200 billion emails were sent and received each day worldwide.1 And organizations are custodians of a lot of sensitive data, which includes both proprietary (e.g intellectual property) and third-party data (e.g. customer personally identifiable information (PII)). The cost of data leaks can be large, in the form of intellectual property loss and costly litigation. Interestingly, a large percentage of data leaks happen accidentally -- someone replies all when meaning to send a private message, chooses a client instead of teammate who has a similar name, or doesn’t realize how confidential certain data is. When these mistakes happen, Gmail DLP helps Google Apps customers prevent losing data.

Company Policy

1

Admin Sets Rules

Employees send emails

“Email Statistics Report, 2015-2019” published by The Radicati Group

DLP checks content for all rules

for Work

How Gmail DLP works Organizations may have a policy that the Sales department should not share customer credit cards externally. And to keep information safe, admins can easily set up a DLP policy by selecting “Credit Card Numbers” from a library of predefined content detectors. Gmail DLP will automatically check all outgoing emails from the sales department and take action based on what the admin has specified: either quarantine the email for review, tell users to modify the information, or block the email from being sent and notify the sender.

Attachment scanning These scans don’t just apply to message subject and copy, but also to content inside common attachment types―such as documents, presentations, and spreadsheets. Gmail DLP identifies each file type through a binary scan to provide more accurate data than relying on the supplied file extension, which can be inaccurate. Text is then extracted from the attachment using an algorithm specific to the file type, and processed via the DLP algorithm.

for Work

How to set up a DLP rule 1. Set the scope 2. Specify conditions to check for 3. Specify the appropriate action

Set the scope Scope determines which set of users in your organization the rule applies to. • • • •

Apply the rule to every message and employee Apply based on department or organizational unit Apply to only outgoing messages Apply to recipients to check incoming mail as well

DLP Rules

Scope Settings:

Specify conditions to check for Specify what the rule should check for using a combination of predefined and custom detectors. Custom content detectors Custom detectors (e.g. confidential project keywords) can be used to cover additional use-cases. And can be combined with predefined content detectors. Predefined content detectors Admins can choose from a library of predefined content detectors to easily setup DLP rules without having to specify their own regular expressions (regexes) or keywords. These detectors have intelligent logic that goes beyond simple keyword or regex matching. This helps reduce false positives or negatives.

CANADA Quebec Health Insurance Number (HIN) Ontario Health Insurance Plan (OHIP) British Columbia Personal Health Number (PHN) Social Insurance Number (SIN) UNITED KINGDOM Driver’s License Number National Health Service (NHS) Number National Insurance Number (NINO)

FRANCE National ID Card (CNI) Social Security Number (NIR)

UNITED STATES Social Security Number Driver’s License Number Drug Enforcement Administration (DEA) Number ABA Routing Number National Provider Identifier (NPI) CUSIP

GLOBAL Credit card number Bank account number (IBAN) Bank account number (SWIFT)

We’ll continue to add additional detectors to cover other countries and verticals over time.

for Work

Specify the appropriate action For messages that trigger the rule, admins can specify the appropriate action to take. Modify messages Admins can add modifications to a message that are still OK to send. So if, for instance, employees send confidential information to each other that should not be sent externally, admins can choose to automatically append [INTERNAL ONLY] to the message subject to prevent the email from being forwarded outside the organization. Quarantine messages When messages are quarantined, a chosen moderator, such as a member of the policy team, can review the email before it is either delivered or held back. Inbound message can also be quarantined for review. The intended recipient has no indication of the message until the administrator releases it for delivery. Admins can allow or reject the message, or do nothing and the message will expire in 30 days. Reject messages Automatically reject the message if you know this information should never be sent, no exceptions. And to educate the sender, admins can craft/ customizable a notice and link relevant policy documents or online resources to send when a message is rejected to avoid future mistakes.

Tips

Test your DLP rules before applying to live traffic to make sure they cover the desired use case When introducing a new rule, start by quarantining any matches (vs automatically rejecting) to review false positives Set policies for specific groups and organizational units, for easy targeting for Work

FAQ What if I am interested in a preset identifier which is not currently available? We are working to broader our identifier portfolio over time to include additional countries and target industries. Please file a support case if you have a request for specific identifiers, or suggestions for improving current identifiers.

DLP for Gmail is great, but Google Apps is a platform, what about other services? We understand that customers want to protect data, not individual services. We are working to expand our DLP offering to Drive and other services.

What does Google’s DLP service cost to use? DLP is included at no additional charge with Google Apps for Work Unlimited, which costs $10/user/ month and includes unlimited storage, advanced audit and reporting capabilities and Google Apps Vault for eDiscovery and retention.

How can I learn more about Google Apps security and compliance? The Google for Work Security and Compliance Whitepaper describes how Google protects your data, meets regulatory and compliance needs, and empowers users and administrators.

Who owns the data I put into Google Apps? To put it simply, the data that companies, schools and governments agencies put into our systems is theirs, whether it’s corporate intellectual property, personal information or a homework assignment, Google does not own that data.

for Work

Learn More Already a Google Apps for Work customer? Gmail DLP is included with Google Apps Unlimited, so get started

Get Started

If you are not already a Google Apps for Work customer, you can start a free 30-day trial.

DLP Whitepaper Services

A description for this result is not available because of this site's robots.txt

268KB Sizes 9 Downloads 346 Views

Recommend Documents

Cloud Whitepaper Services
The Canada PIPEDA. 1.1 Google Cloud and the Canada PIPEDA. 2 . Security and Trusted Infrastructure. 2.1 Google data centre infrastructure redundancy .... Certificate. • ISO 27018, Cloud Privacy, is an international standard of practice for protecti

Cloud Whitepaper Services
Disclaimer. Introduction. 1. The Canada PIPEDA. 1.1 Google Cloud and the Canada PIPEDA. 2 . Security and Trusted Infrastructure. 2.1 Google data centre infrastructure redundancy. 2.2 Google data centre security. 2.3 Data in transit. 2.3.1 Between a c

Cloud Whitepaper Services
3.2 What data will be processed by the service provider on behalf of the financial institution? 3.3 How do we seek to address some of ... Prudential Standard CPS 231 · Outsourcing, and does not consider any other laws that may be applicable. .... sup

Cloud Whitepaper Services
Identity Management. Services. Manage the security of and access to cloud assets, supported by Google's own protection of its infrastructure. Machine Learning. Fast, scalable and easy to use modern machine learning services, with pre-trained models a

Identity whitepaper Services
A description for this result is not available because of this site's robots.txtLearn more

Google Clickstream whitepaper Services
No information is available for this page.Learn why

E02117283 Cross-device Methodology Whitepaper ... Services
The consumer journey has become more complex, spanning multiple devices, channels, and media types. Because 90% of people start an activity on one ...

E02117283 Cross-device Methodology Whitepaper ... Services
device conversion tracking in AdWords for search and display advertising. Cross-device ... conversions would need to be 95% confident that the real result is between 90 and 110. Here's what happens in more ... Date — Rates for previously signed-in

Encryption Whitepaper
As computers get better and faster, it becomes easier to ... Table 1 details what type of data is encrypted by each G Suite solution. 3. Google encrypts data as it is written to disk with a per-chunk encryption key that is associated .... We compleme

Whitepaper - STeX
If any two coins are listed on STeX, you can trade one against the other ... with some predicting a possible increase to a $200 billion market cap by the end ... Bitcoin today - while data from other sources, such as Coinbase and ARK ...... KeyCAPTCH

Whitepaper - BABB
the upcoming GDPR regulation in the E.U., and will have to completely redesign how they collect, use, and ... BABB will offer a bank account on the BABB platform, compliant with UK regulations, available to any eligible ... This presents a huge. 4. 4

AidCoin Whitepaper
a $12M social network and tour operator for students in Italy, with 3M followers on. Instagram and Facebook, employing 70 ... enable recovery in Haiti despite receiving $500 million in donations following the. 2010 earthquake. .... to manually input

Whitepaper - STeX EXCHANGE
explosive growth in recent years that no existing crypto exchange is capable of ... Have you tried to switch between coins, following trends in emerging tokens ? ... STeX's own cloud cluster is physically hosted in many countries to prevent the .....

G DATA Whitepaper Vorlage
Unlike iOS or Windows Phone,. Android is an open source operating system. Because of this freedom, numerous app stores run by third-party providers have.

WHITEPAPER- DatocoinENG.pdf
Page 1 of 14. WHITEPAPER. Datocoin. https://datocoin.biz. Versión Final. This Whitepaper and the information available in this document should be considered. as a merely informative document that describes the technical and commercial aspects. of th

WhitePaper ENG.pdf
Transparency and openness are primarily due to the fact that all parties can access the same. information (on decentralized sections of the network).

Google Correlate Whitepaper
Jun 9, 2011 - Here, we present an online, automated method for query selection that does not require such prior knowledge. Instead, given a temporal or ...

Whitepaper[EN].pdf
services cannot be seen without mobile platforms, based on social ... whereas it is more cost-effective to pay for each client or his actions ... propose an offer based on the mild factors. Bellow, here is a. study comparing the importance of factors

dlp-Marie-Anita-Gaube.pdf
There was a problem previewing this document. Retrying... Download. Connect more apps... Try one of the apps below to open or edit this item.

P2P Whitepaper
Dec 6, 2000 - of the role of automated software agents in a peering infrastructure. ... phone a service technician can be alerted to a service call, obtain driving ...

WHITEPAPER ENG.pdf
countries of Latin America and Spain, Google + was released in June 2011. We plan to launch the first decentralized social network in which your you will receive. rewards for clicks on ADs, videos, fill out surveys, this launch is planned for mid-201

0629 Whitepaper - coss.io
Jun 8, 2017 - email once brought about thanks to the blockchain technology. Bitcoin has .... payment gateway / POS, an exchange, a merchant list, market cap rankings, a marketplace, an e-wallet, ...... downloaded in the PDF format.

Whitepaper English.pdf
Social networks are internet sites formed by communities of individuals. who share interests or activities, since they may share ... Latin America and Spain and Google + was launched in June 2011. We plan to launch the first decentralized social ...