Data Loss Prevention

Welcome back to the Damson Cloud blog! In this week’s video, Damson’s Mark Fraher will be taking us through Data Loss Prevention, also known as DLP. Mark will be reviewing what Data Loss Prevention is and how it works, and will finish with a short demo on how to set up a DLP rule specifically for Google Drive in the Google Admin panel.

So, if you’re interested in learning more about Data Loss Prevention and how to set this up, stay tuned!

What Is Data Loss Prevention?

To start, we’re going to be taking a look at what exactly Data Loss Prevention is. Data Loss Prevention or DLP can be defined as software which detects potential data breaches and then goes on to prevent these by monitoring, blocking and detecting any further issues over time. 

By using Data Loss Prevention, you are able to create and apply rules which create an element of control over the files users within your organisation can share outside of the business. 

Data Loss Prevention software gives an organisation a way to control and prevent the sharing or leaking of sensitive or confidential data such as credit card information, financial information or personal data.

How Does Data Loss Prevention Work?

As mentioned above, Data Loss Prevention is put in place to control what can and cannot be shared outside of your organisation. It identifies potential risks in organisational security and blocks these before they become a bigger issue.

The way in which Data Loss Prevention works is as follows:

  • DLP rules trigger an alert. This alert will then cause the files in question to be scanned for sensitive content. The rules which have been set by your organisation will determine the nature of the Data Loss Prevention incident and these incidents will trigger reactions such as blocking the specified content. 
  • You can however allow controlled sharing for certain members of a domain, business or organisation.

The Data Loss Prevention flow works as follows:

  • Your business or organisation defines your DLP rules. These rules will identify which content should be considered sensitive and should therefore be protected. 

Please note: On Google Drive, DLP rules apply to both My Drive and Shared Drives.

  • Data Loss Prevention software will then scan your content for potential DLP incidents. If incidents are discovered, these will trigger reactions such as blocking the content from being viewed by users outside of the organisation and alerting the appropriate team members of these violations. 

Please note: The users you would like to be alerted should an incident or violation occur will have to be pre-defined by your organisation. 

How To Create A Data Loss Prevention Rule On Google Admin Console

We’re now going to walk you through how to create a DLP rule on Google Admin Console. This can be done using the following steps:

  1. Firstly, we’re going to open up the Google Admin Console homepage.
  2. Next, we are going to click on the Security heading on the left hand side of the screen.

Creating a Data Loss Prevention rule on Google Admin Console. Image Credit: Damson Cloud

3. When you select the Security heading, a dropdown menu will appear. From here, you should select Access and Data Control and then click on Data Protection as shown below.

Data Loss Prevention rules are put in place to control what can and cannot be shared outside of your organisation. Image Credit: Damson Cloud

4. Once you have done this, select Manage Rules and from here, select Add Rule. We are then going to select New Rule to allow us to add a rule which doesn’t currently exist in our Admin Console.

5. You will now be prompted to give your rule a name as seen below in the Name section of the page. The name can be anything you like, but we would advise naming it something in relation to the rule you are creating. 

Data Loss Prevention rules on Google Admin Console must be given a name. Image Credit: Damson Cloud

6. Next, we’re going to look at the Scope section of the page. Here, you can select the users or groups that your rule will apply to. You can select everyone in your Google Admin account or you can search for individuals if the rule should not apply to all users. When you are happy with your chosen groups, click Continue to proceed with the next section. 

Here, you can select the users or groups your rule should apply to. Image Credit: Damson Cloud

7. Next, you will be asked to select which Apps you would like to apply your rules to. This can be either Google Chat or Google Drive. Once you have chosen one or both apps, select Continue to proceed.

8. Following on from this we have the Conditions page. This is where you will be able to add conditions to define the data we would like our rule to scan for. We recommend selecting All Content to ensure potential breaches are easily identified. 

9. On the What To Scan For heading, we recommend selecting ‘Matches Predefined Data Type’ 

10. In the Data Type field, you can define the type of data you would like your rule to identify. You can also select the likelihood threshold for a match on this type of data; content that meets the threshold causes your rule to identify it and alert the selected users of any potential breaches.

11. You will now be asked to select a Minimum Match Count. This refers to the number of times a particular piece of data must be identified before an alert is triggered.

The minimum match count takes into account the number of times a rule will be triggered before an alert is sent. Image Credit: Damson Cloud

12. The next step looks at the Actions that we would like to be taken on these files when our selected rule has been triggered. We recommend selecting Block External Sharing to prevent potential leaks of private information outside of your organisation. 

13. Once you’ve selected an appropriate action, the next step is choosing an Alert. This allows you to select the severity level of the alert that will be sent out should a rule be triggered. Here, you can also choose to select extra administrators that you would like to be alerted should a breach be identified.

At this stage, you can choose the severity of the alert that will be sent out if data has been compromised. Image Credit: Damson Cloud

14. Lastly, you will be shown an overview of the rule you have just created to review all of the details before saving this to your Google Admin Console. Once you are happy with your choices, select the Create option at the bottom of the screen and the rule will be enforced immediately.

Once you have reviewed the details of your rule, select 'Create' and the rule will be immediately enforced. Image Credit: Damson Cloud
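
As an added illustration (not part of the original post, and not Google's implementation), the Python sketch below models how the Data Type, likelihood threshold and Minimum Match Count conditions from steps 10 and 11 combine with the action and alert from steps 12 and 13. The card-number detector, the three likelihood levels, the Rule class and the sample files are all assumptions constructed for this example.

```python
import re
from dataclasses import dataclass

# Assumption of this sketch: three ordered likelihood levels.
LIKELIHOOD = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

def luhn_ok(digits):
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def find_card_numbers(text):
    """Return (digits, likelihood) for each card-like run that passes Luhn."""
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if not luhn_ok(digits):
            continue  # checksum fails: not a finding
        context = text[max(0, m.start() - 40):m.start()].lower()
        level = "HIGH" if "card" in context or "visa" in context else "MEDIUM"
        findings.append((digits, level))
    return findings

@dataclass
class Rule:
    name: str
    likelihood_threshold: str   # findings below this level are ignored
    minimum_match_count: int    # findings required before the rule fires
    action: str = "BLOCK_EXTERNAL_SHARING"
    alert_severity: str = "HIGH"

def evaluate(rule, text):
    """Return the incident raised by `rule` for `text`, or None."""
    floor = LIKELIHOOD[rule.likelihood_threshold]
    hits = [f for f in find_card_numbers(text) if LIKELIHOOD[f[1]] >= floor]
    if len(hits) < rule.minimum_match_count:
        return None
    return {"rule": rule.name, "action": rule.action,
            "severity": rule.alert_severity, "matches": len(hits)}

# Constructed sample files; the card numbers are public test numbers.
INVOICE = ("Customer card: 4111 1111 1111 1111\n"
           "Backup Visa 4012-8888-8888-1881\n"
           "Order ref 1234567890123456\n")
SHIPPING = "Tracking number 5500000000000004 shipped today\n"
```

Raising the threshold or the match count reduces false alerts, such as the tracking number in the second sample, but a file holding a single real card number would then pass a rule whose minimum match count is 2.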

Final Thoughts On Data Loss Prevention

We hope you enjoyed this week’s video update on Data Loss Prevention and how to add this to your Google Admin Console. Here at Damson Cloud, we think this is an incredibly important feature to utilise to ensure your organisation’s data remains safe and secure.

As always, we want to hear from you. Is Data Loss Prevention something you or your business have considered before? And will you be adding this to your Google Admin Console? Let us know in the comments or get in touch for more information on how we can help your business with all things Google Workspace related! 

As a longstanding member of the Google Cloud Partner Program, Damson Cloud specialises in bringing people and ideas together through new ways of working. We champion the very best practices in remote working and change management, helping companies and their teams collaborate productively from anywhere in the world. To find out more about our services, check out our library of tutorial videos or our blog.
