Mountain View is improving Google for Work security to better protect businesses that use its services, such as Gmail, with the introduction of Data Loss Prevention.
Google for Work already has a set of specific security implementations, such as encryption, mobile device management, two-factor authentication and sharing controls, in place for system administrators of corporate clientele to better manage information security. However, there is one thing that can hardly be accounted for even with all these features, and that is human error.
There are countless cases when sensitive information, such as HR-to-employee emails and trade secrets, get accidentally sent to parties who shouldn’t have a copy. Even just a simple reply can be screwed up through the “Reply all” function, which sends a copy of the reply to everyone in a conversation group. These scenarios happen and it is what DLP will try to address.
“Starting today, if you’re a Google Apps Unlimited customer, Data Loss Prevention for Gmail will add another layer of protection to prevent sensitive information from being revealed to those who shouldn’t have it,” Google says.
Aside from the instances cited above, businesses can also set DLP policies to better protect clientele info, such as credit card details. Admins can seamlessly do this by choosing “Credit Card Numbers” that is within a library of predefined content detectors. Common formats for documents, spreadsheets and presentations are supported.
But this is just the tip of the iceberg. Admins can make their own unique rules using regular expressions and keywords to regulate email text and attachments, along with their content. For instance, administrators can set automatic checks for all outbound emails from the sales department. Based on the checks assessment that uses the specified keywords and expressions, a corresponding action can be set. If there are hits, emails can be quarantined for reviews and then sent back to the creator or sender to have it edited or the administrator can have it blocked. In either case, a notification will be sent to the creator.
Google provides a whitepaper (PDF) that contains an elaborate explanation of DLP, which includes instructions on how to get started on the new rule-based security tool and the list of content creators. Mountain View also notes that DLP is the first step in a long-term investment that will implement rule-based security to the Google universe of apps. In fact, come 2016, Google will have DLP for Google Drive.