Security Added to Improve Data Loss Prevention (DLP) in Google Drive
This article explains the new security functionality added to prevent data loss from Google Drive. Advanced detection policies have been added to provide deeper content detection.
Google has developed a new data loss prevention (DLP) system that makes it easier to deploy more advanced detection policies for content on Google Drive. The Drive DLP functionality can be found at Admin console > Security > Data Protection.
Key updates include:
Advanced detection policies that enable more detailed rules and compliance using nested conditions, volume-based detection, finer detection thresholds, and more.
New DLP incident management dashboard to see incident trends, view detailed reports, and more.
Simplified deployment with more flexibility, roles-based access for admins, and more.
The new DLP system is separate from the legacy Drive DLP system. Currently, the new DLP system (at Admin console > Security > Data Protection) is available alongside the legacy DLP system (at Admin console > Rules). Rules created in the new system are separate from rules in the legacy system, and both will continue to work simultaneously. Admins can migrate legacy DLP rules to the new DLP system by manually creating a new rule in the new system and then deleting the legacy DLP rule. When performing this migration, Google suggests reconfiguring the rules to use the more advanced functionality offered by the new DLP system. Only admins are affected.
Protecting your company's confidential data is critical. Drive DLP supports this by giving admins control over what end users can share and by helping prevent exposure of sensitive information. Admins can restrict sharing of sensitive content outside of the domain on a per-file basis. Admins can also use the system to get alerts about policy violations and DLP incidents, and to investigate the details of a policy violation. Google has introduced this new system to provide a more advanced way to configure DLP for Drive, going beyond the previously announced Drive DLP systems (DLP for Drive, and DLP for shared drives). Admins can use it to make the deployment more powerful and flexible, with more granular policies customized for the specific needs of the organization. With these policies combined with the added deployment flexibility, it will be easier to deploy more advanced DLP policies that add visibility and control over data.
Advanced detection policies
The new Drive DLP system provides more advanced features to help admins configure deeper content detection rules, including:
Nested conditions with AND, OR, and NOT - Admins can now define complex DLP rules leveraging a wide range of conditions.
Volume-based detection - Enforce DLP actions based on the number of violations, reducing the volume of incidents.
Finer detection thresholds - Additional detection confidence thresholds help admins balance DLP settings and reduce false positives.
Targeted detection - Choose to target detection at comments, suggestions, title, body, or all content of a Drive file.
Additionally, admins can now use DLP rule templates to quickly author new policies. Templates use predefined content detectors, which can be configured with threshold levels appropriate for the environment.
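As an added illustration (not from the original article, and not Google's rule format or API), the following Python model shows how nested AND/OR/NOT conditions, a match-count threshold, a confidence threshold and content targeting combine into a single rule decision. The detector names, part names and threshold values are constructed assumptions.

```python
# Conceptual model only, not Google's rule format or API.
# Detector names, part names and thresholds are constructed for illustration.
from dataclasses import dataclass

ALL_PARTS = ("title", "body", "comments", "suggestions")

@dataclass(frozen=True)
class Finding:
    detector: str      # hypothetical detector name, e.g. "CARD_NUMBER"
    part: str          # which part of the file the match was found in
    confidence: float  # detector confidence, 0.0 to 1.0

def match(detector, min_count=1, min_confidence=0.5, parts=ALL_PARTS):
    """Leaf condition: the detector fires at least min_count times in the
    targeted parts, counting only findings at or above min_confidence."""
    def check(findings):
        hits = sum(1 for f in findings
                   if f.detector == detector and f.part in parts
                   and f.confidence >= min_confidence)
        return hits >= min_count
    return check

def all_of(*terms):   # AND
    return lambda findings: all(t(findings) for t in terms)

def any_of(*terms):   # OR
    return lambda findings: any(t(findings) for t in terms)

def negate(term):     # NOT
    return lambda findings: not term(findings)

# (3+ high-confidence card numbers in the body OR an ID number in the title)
# AND NOT a test-data marker anywhere in the file.
RULE = all_of(
    any_of(match("CARD_NUMBER", min_count=3, min_confidence=0.8, parts=("body",)),
           match("NATIONAL_ID", parts=("title",))),
    negate(match("TEST_DATA_MARKER")),
)

def violates(findings):
    return RULE(findings)

# Constructed sample findings for four files.
BULK = [Finding("CARD_NUMBER", "body", c) for c in (0.95, 0.9, 0.85)]
LOW_CONF = [Finding("CARD_NUMBER", "body", c) for c in (0.95, 0.9, 0.6)]
IN_COMMENTS = [Finding("CARD_NUMBER", "comments", 0.95)] * 3
TEST_FILE = BULK + [Finding("TEST_DATA_MARKER", "title", 0.9)]

if __name__ == "__main__":
    for name in ("BULK", "LOW_CONF", "IN_COMMENTS", "TEST_FILE"):
        print(name, violates(globals()[name]))
```

Only BULK triggers the rule: LOW_CONF has just two matches above the confidence threshold, IN_COMMENTS falls outside the targeted part, and TEST_FILE is excluded by the NOT branch.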
Incident Management Dashboard
The new system includes a Data Loss Prevention dashboard that helps admins test, understand, and manage rules and alerts in the domain by visualizing incident trends. Features include:
Data Protection Rules: Generate reports without having any rule active, so you can start monitoring the environment without enforcing blocking actions.
New alert delivery options: You can receive alerts for specific rules, including additional members of the organization outside the super admin groups.
Detailed Incident Reports: See more detailed reports for all the Data Loss Prevention actions (block, warn, audit).
Integration with the policy investigation tool: Helps DLP response teams dig deeper into violations when needed.
Simplified deployment
The new system makes it easier to deploy Drive DLP rules with features like:
Roles-based access for Administrators: Assign admins for DLP functions in the Admin console.
Predefined content detectors: Use 90+ predefined rule content detectors to help expand coverage and better manage policy violations.
Policy exports: Download a copy of DLP policies.
Flexibility for scoping policies: Scope Drive DLP policies to include or exclude specific groups or OUs.