Google For Work Now Boasts Gmail Data Loss Prevention - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile // Mobile Applications
09:06 AM
Connect Directly

Google For Work Now Boasts Gmail Data Loss Prevention

Google for Work customers now have an extra layer of protection against the distribution of sensitive content over Gmail.

Windows 10, New Devices, Exec Shakeup: Microsoft's 2015
Windows 10, New Devices, Exec Shakeup: Microsoft's 2015
(Click image for larger view and slideshow.)

Gmail for years has offered ways to save people from themselves. Mail Goggles, for example, asks Gmail users to solve simple math problems before sending messages, to help catch inappropriate or ill-considered sentiment. Undo Send offers a chance to recall messages sent in haste. But such whimsical safety nets don't really address the needs of business customers.

Now enterprise users of Gmail have their own mechanism for limiting the distribution of sensitive content. On Wednesday Google added Data Loss Prevention to Gmail for those using Google for Work.

Data Loss Prevention is designed to identify content in email -- in the message or in an attachment -- that violates corporate policy and to take whatever action has been specified by the administrator. Actions may range from quarantining the message for review, directing the sender to modify the message, or blocking the message and notifying to the sender.

(Image: Google)

(Image: Google)

"Organizations may have a policy that the Sales department should not share customer credit card information with vendors," explains Suzanne Frey, director of security, trust, and privacy for Google Apps, in a blog post. "And to keep information safe, admins can easily set up a DLP policy by selecting 'Credit Card Numbers' from a library of predefined content detectors."

Gmail DLP supports custom rules and regular expressions.

DLP has been a long time coming. In 2007, Google's Postini group offered a limited form of DLP called "logical expressions" for Gmail business customers. But it didn't meet the needs of many organizations. In 2012, Google began encouraging Postini customers to migrate to Google Apps for Work, based on the understanding that business customers could expect feature parity. But to use effective DLP, customers had to look to other providers.

[Read Gmail Gets Blocking Option.]

Frey says that Gmail DLP represents one step in a long-term effort to extend rule-based security across Google's product line. The company plans to bring DLP to Google Drive next year, along with support for other rule-based security systems.

Cloud security has become critical for customer trust since the 2013 Edward Snowden disclosures sowed doubt about the safety of data held by cloud companies. Other security-related improvements implemented by Google this year include the addition of SAML and OIDC support to Google Apps Identity Services in October; the expansion of mobile device and mobile app management tools in September; the ability to add customer-supplied encryption keys to Google Compute Engine; and the launch of Android for Work.

**Elite 100 2016: DEADLINE EXTENDED TO JAN. 18, 2016** There's still time to be a part of the prestigious InformationWeek Elite 100! Submit your company's application by Jan. 18, 2016. You'll find instructions and a submission form here: InformationWeek's Elite 100 2016.

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
12/22/2015 | 2:15:45 PM
Creepy cool
That is both very cool and little creepy. Kind of like Google is reading your sensitive mail, even though no one will ever  set their eyes on it. that could really help slow down phishing attacks and general 'oops, I didn't know that file had secure info in it' type of mistakes. Since users are still the most likely way attackers get sensitive information this is one way  to mitigate that.
How GIS Data Can Help Fix Vaccine Distribution
Jessica Davis, Senior Editor, Enterprise Apps,  2/17/2021
Graph-Based AI Enters the Enterprise Mainstream
James Kobielus, Tech Analyst, Consultant and Author,  2/16/2021
11 Ways DevOps Is Evolving
Lisa Morgan, Freelance Writer,  2/18/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Flash Poll