This article covers DLP Policy for Gmail. If you need a DLP Policy for Google Drive check out our video about BetterCloud (and here is BetterCloud’s marketplace listing)

Google just announced a huge update to their DLP features for Gmail.

For those unfamiliar, DLP (which is an acronym for Data Loss Prevention) is a system that can scan text for sensitive information such as credit card or social security numbers and then catch outgoing emails that contain such info. Obviously this is huge for security, as it is impossible for an IT Admin to screen every email manually. Below is a diagram showing how it works.

So what did Google just update? While DLP has been able to scan the body of an email and even text-based attachments such as Google Docs and Sheets since its release last year, the update will expand this functionality to images of text as well. Using Google’s Optical Character Recognition technology, even a picture of a credit card number can get flagged by a DLP system and prevented from being sent.

In addition to image scanning technology, they have also added more granular parameters for the administrator to take advantage of when setting up a DLP policy on their domain. The first of these new parameters is the count parameter, which will control how many pieces of sensitive information contained in an email will trigger the policy. There will also be a confidence parameter, which measures how similar the content has to be to your predefined criteria to get flagged.

DLP is a major cornerstone of a competent security strategy. Beyond implementing it for Gmail, I would also recommend using BetterCloud to implement a DLP policy for Google Drive.