All organisations have confidential data that they need to keep secure, that is why Google for Work already helps admins manage information security with encryption, two-factor authentication , sharing controls, and mobile device management. However it is the actions of users which can compromise such tools, such as hitting ‘reply all’ on an email, when they meant to send a private message.
But there is good news for Google Apps unlimited users, as of yesterday Google added Data Loss Prevention (DLP) for Gmail, adding an additional layer of protection to help prevent confidential information being sent to people who should not see it.
For example, many companies will have policies in place stating that customer credit card information should not be shared with their suppliers. This information can now be kept safe; admins can set up a DLP policy by selecting ‘Credit Card Numbers’ from a selection of predefined content detectors. This will mean that Gmail’s DLP will check all outgoing emails, and those containing the credit card details will be dealt with as specified, such as being quarantined, telling the sender to review, or blocking the email from being sent. These policies can be set to specific departments and will also apply to common attachment types, additionally admins can create custom rules with keywords.
More information on how to get started, including the full list of predefined content creators, can be found in the DLP Whitepaper.
This move is the first in a series of long-term investments to bring rule-based security across Google Apps, and is an addition to many security and privacy enhancement Google has made in 2015, which include the following:
- Google was one of the first cloud providers to invite an independent auditor to show that their privacy practices for Google Apps for Work and Google Apps for Education comply with the latest ISO/IEC 27018:2014 privacy standards. These confirm that they don’t use customer data for advertising.
- They introduced Security Keys to make two-step verification more convenient and provide better protection against phishing.
- For Google Cloud developers, the Cloud Security Scanner allows you to easily scan your application for common vulnerabilities (such as cross-site scripting (XSS) and mixed content).
- They published the Safer Email Report to give more transparency on how email security, even beyond Gmail, is changing over the years.
- Google introduced new sharing features, alerts and audit events to Google Drive for Google Apps Unlimited customers. For example, administrators can now create custom alerts and disable the downloading, printing or copying of files with Information Rights Management (IRM). New sharing settings give employees better control within their organization unit and now admins can let them reset their own passwords.
- The launch of google.com/privacy gives better control over personal data and Android for Work makes it easier to keep personal and work data separate on employee devices.