Create data protection rules

Receive notifications about Drive activity

Data protection rules are custom rules that are created by domain administrators from the rules page. You can use these rules to be notified of specific activity related to the use of Drive files within your domain.

To create a data protection rule:

  1. Sign in to your Google Admin console.

    Sign in using an account with super administrator privileges (does not end in @gmail.com).

  2. On the Admin console Home page, go to Rules.
  3. From the Rules page, click Create rule.
  4. From the drop-down menu, select Data protection.
  5. Type a name and description for the rule.
  6. Click Continue.
  7. Select the events that will trigger your rule. For example, under Google Drive, check the File modified box. 
  8. Set the conditions for your rule. For example, specify whether the rule applies to all content within the file, the body, suggestions, or to the title.
    (You can add more than one condition by clicking Add Condition.)
  9. Enter a value for the condition—Contains, Matches default detector, Matches regex detector, or Matches word list detector—and enter the criteria for the condition.
    For additional information, see Examples of regular expressions.
  10. Click Continue.
  11. Select the actions to take when conditions find matches—for example, Block external sharing or Warn on external sharing.
  12. Select the severity: High, Medium, or Low.
  13. (Optional) Check the Send to alert center box. If you want to receive email notifications, add recipients during this step.
  14. Click Continue.
  15. Review the criteria for your rule, and then click Create.

Create data protection rules using predefined templates

You can quickly set up and create data protection rules using predefined templates.

Templates enable you to choose from a list of recommended rules that are based on common use cases and best practices. For example, there are rule templates to prevent the sharing of financial information, health information, and personally identifiable information. 

You can create a rule based on the default settings of a template, or you can customize the template to change the scope, conditions, actions, or alerts.

  1. Sign in to your Google Admin console.

    Sign in using an account with super administrator privileges (does not end in @gmail.com).

  2. On the Admin console Home page, go to Rules.
  3. Click Templates.
  4. Click one of the templates in the list—for example, Prevent financial information sharing (International) or Prevent health information sharing (US).
  5. (Optional) Edit the rule name and rule description.
  6. Choose your rule's scope. You can apply to all in your domain (the default setting), or you can apply to specific organizational units or groups.
  7. Click Continue.
  8. (Optional) Under Triggers, Conditions, and Actions, change or add any settings and click Done. For details, see How to define a rule.
  9. Click Create and activate

Related articles

Was this helpful?
How can we improve it?

Need more help?

Sign in for additional support options to quickly solve your issue

Search
Clear search
Close search
Google apps
Main menu
Search Help Center
true
73010
false