Notification

Duet AI is now Gemini for Google Workspace. Learn more

Scan your email traffic using DLP rules

Supported editions for this feature: Enterprise Standard and Enterprise Plus; Education Fundamentals, Education Standard, Teaching and Learning Upgrade, and Education Plus. If you purchased one of these licenses before March 31, 2017, you can continue to use Gmail DLP until January 31, 2020, as long as you keep the license active.  Compare your edition

Gmail data loss prevention (DLP) lets you use predefined content detectors when scanning inbound or outbound email. Google specifically designed these predefined detectors to locate sensitive data, such as credit card, Social Security, or passport numbers. Predefined detectors are available for many common U.S. and international data types. Here you can see a list of the available predefined content detectors.

Like a standard Gmail content compliance setting, you can use DLP detectors to trigger automatic responses. These include quarantining, rejecting, or modifying a message. You can also combine predefined detectors with keywords or regular expressions to create more sophisticated content compliance policies.

Learn more about the content compliance setting.

A note about accuracy

Predefined content matching is not 100% accurate because not all types of data can be detected with high confidence. For example, credit card numbers can be detected with high confidence by matching a well-defined pattern as well as a checksum. However, ABA routing numbers are detected with medium confidence, because detection relies only on a checksum on 9 digits. 

Predefined content matching doesn’t guarantee compliance with regulatory requirements. As the customer, you can decide which data is sensitive and how to best protect it. Test your settings to make sure they meet your requirements and use the quarantine option to verify content matches.

Tip: To see examples of sensitive content and to test your own content, try the Data Loss Prevention Demo.

Create a DLP setting with predefined content detectors

Before creating a DLP content compliance rule, you might want to review the available predefined content detectors.

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. In the Admin console, go to Menu and then Appsand thenGoogle Workspaceand thenGmailand thenCompliance.
  3. (Optional) On the left, select an organization.
  4. Select Content Compliance:
    • If the status is Not configured yet, point to the setting and click Configure.
    • If the status is Locally applied or Inherited, click Edit or click Add another rule to edit it or add a new setting.
  5. At the top, enter a short description, such as Credit card number detector.
  6. In the Email messages to affect section, select the required types of messages to affect. 
    For example, to limit this setting to outbound mail, uncheck all boxes except Outbound.
  7. In the Expressions section, click Add.
  8. From the list, select Predefined content match.
  9. From the list, select the relevant predefined detector. 
    For example, if you want to scan outbound messages for content that includes credit card information, select Credit card number.
  10. (Optional) Set the following options:
    • Minimum number of matches—The number of times the specified content must appear in a message to trigger the action. For example, if you select 2, at least 2 different credit card numbers must appear in a message to trigger the action. Duplicate appearances of the same credit card number don’t trigger the action.
    • Confidence threshold—An additional measure used to determine whether messages trigger the action. There are two confidence threshold levels:
      • High: Fewer messages exceed the threshold, so fewer messages trigger the action. This might result in more false negatives: More messages being delivered when they shouldn't be. As a result, use this setting if you want messages to be delivered at the expense of occasionally letting messages through when they should trigger the action.
      • Medium: More messages exceed the threshold, so more messages trigger the action. This might result in more false positives: More messages triggering the action when they should simply be delivered. Use this setting if you're not sensitive to messages occasionally triggering the action when they should be delivered.
  11. Click Save.
  12. Choose whether you want to modify, reject, or quarantine the message. To verify content matches, try the quarantine option.
  13. Click Add setting or Save to close the dialog box.

    Any settings you add are highlighted on the Email settings page.

  14. At the bottom, click Save.

Changes can take up to 24 hours but typically happen more quickly. Learn more

Related information

Best practices for faster rules testing

Was this helpful?

How can we improve it?

Need more help?

Try these next steps:

Post to the help community Get answers from community members
Contact us Tell us more and we’ll help you get there
true
Start your free 14-day trial today

Professional email, online storage, shared calendars, video meetings and more. Start your free Google Workspace trial today.

Search
Clear search
Close search
Main menu
10303242627374713663
true
Search Help Center
true
true
true
true
true
73010
false
false