G Suite Google Drive DLP

Over 6 million organizations are currently utilizing g Suite, one of the main cloud-based informing stages over the globe. The G Suite comes in three variations for its clients, i.e., Basic, Business, and Enterprise. A large portion of the propelled security controls come in the Enterprise form of G Suite. It turns into an obstruction for G Suite Basic and Business clients to execute the security controls, which are fundamental from information security, consistency, and guideline viewpoint.

style switcher

CloudCodes becomes a perfect solution for G Suite Basic and G Suite Business customers as the security controls required by the organization to overcome the security challenges are fulfilled. One such feature is G Suite Google Drive data loss prevention(Email DLP) that is provided by CloudCodes security solution for G Suite DLP.

CloudCodes G Suite Google Drive DLP provides an easy and straightforward solution that can be configured within hours on the G Suite domain. CloudCodes DLP framework allows IT to configure various policies for different sets of users based on business and compliance requirements.

CloudCodes uses two different approaches to bring control to Google Drive.

  • Agent-based
  • Agentless

Agent-Based Approach

An agent-based approach, CloudCodes agent, is installed on the end-user machine. The agent acts as a web proxy, i.e., the web traffic of applications that need to be monitored are passed through the agent. Other traffic can be redirected directly to the web without passing through the agent. The agent doesn’t store any content that it inspects. The following features are provided through the agent.

Sharing across OU

Sharing across OU:

this allows the IT to ensure documents across departments cannot be shared. E.g., the Finance department users cannot share documents with the operation team.

Delete

Delete:

the IT can track/block the deletion of documents. There are times when the user tries to delete the records intentionally/unintentionally. The materials are the assets of the organization.

External Sharing of documents:

External Sharing of documents:

the IT can control in real-time track/block sharing of documents with blacklisted domains such as personal domains or competitor domains etc-etc.

Personal Gmail block

Personal Gmail block:

the IT can now block access of personal Gmail within the enterprise network or on company-owned devices while allowing access to enterprise Gmail.

Download

Download:

the IT can track/block the download of documents. This is one of the important aspects of security to ensure enterprise assets are not downloaded on unapproved devices.

Clipboard operations

Clipboard operations:

the IT can now also block clipboard operations such as copying content from Google Drive documents to external G suite applications such as notepad or third-party websites.

Agentless Approach

In the agentless approach, CloudCodes uses the API provided by Google Drive to poll on the events on a Google Drive document. IT can configure multiple policies for various sets of users to overcome the challenges of data loss prevention. The agentless approach allows the action to be taken in near real-time. The following rules can be configured.

Sharing to an external organization

Sharing to an external organization:

if a user tries to share documents outside the organization, such as to a competitor.

Sharing to personal ID's

Sharing to personal ID's:

if a user tries to share documents with their email ids such as gmail.com, aol.com or outlook.com, etc-etc.

External Sharing of documents

External Sharing of documents:

the IT can control in real-time track/block sharing of documents with blacklisted domains such as personal domains or competitor domains etc-etc.

Document contains keywords

Document contains keywords:

if a document contains a predefined keyword or regular expression.

The admin can configure the following actions as part of remedial measures.

Revoke permissions

Revoke permissions:

revoke permissions of all users except the owner. It ensures if a user tries to share a document with a personal email id or another domain, the document sharing permissions can be immediately revoked in near real-time.

Notify Reporting Manager

Notify Reporting Manager:

a notification will be sent to the reporting manager of the sender on the DLP, as mentioned in the rules.

An email containing keywords

Notify Super Admin:

a notification will be sent to the CloudCodes super admin.