Scan your email traffic using data loss prevention

Gmail DLP is now only available with G Suite Enterprise and G Suite for Education. If you purchased one of these licenses before March 31, 2017, you can continue to use Gmail DLP until January 31, 2020, as long as you keep the this license active.

Gmail data loss prevention (DLP) lets you use predefined content detectors when scanning inbound or outbound email. Google specifically designed these predefined detectors to locate sensitive data, such as credit card, Social Security, or passport numbers. Predefined detectors are available for many common U.S. and international data types. Here you can see a list of the available predefined content detectors.

Like a standard Gmail content compliance setting, you can use DLP detectors to trigger automatic responses. These include quarantining, rejecting, or modifying a message. You can also combine predefined detectors with keywords or regular expressions to create more sophisticated content compliance policies.

Learn more about the content compliance setting.

A note about accuracy

Predefined content matching is not 100% accurate because not all types of data can be detected with high confidence. For example, credit card numbers can be detected with high confidence by matching a well-defined pattern as well as a checksum. However, ABA routing numbers are detected with medium confidence, because detection relies only on a checksum on 9 digits. 

Predefined content matching doesn’t guarantee compliance with regulatory requirements. As the customer, you can decide which data is sensitive and how to best protect it. Test your settings to make sure they meet your requirements and use the quarantine option to verify content matches.

Tip: To see examples of sensitive content and to test your own content, try the Data Loss Prevention Demo.

Create a DLP setting with predefined content detectors

Before creating a DLP content compliance rule, you might want to review the available predefined content detectors.

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Appsand thenG Suiteand thenGmailand thenAdvanced settings.

    Tip: To see Advanced settings, scroll to the bottom of the Gmail page.

  3. (Optional) On the left, select an organization.
  4. Scroll to the Content compliance setting in the Compliance section:
    • If the status is Not configured yet, hover over the setting and click Configure.
    • If the status is Locally applied or Inherited, click Edit or click Add another to edit it or add a new setting.
  5. At the top, enter a short description, such as Credit card number detector.
  6. In the Email messages to affect section, select the required types of messages to affect. 
    For example, to limit this setting to outbound mail, uncheck all boxes except Outbound.
  7. In the Expressions section, click Add.
  8. From the list, select Predefined content match.
  9. From the list, select the relevant predefined detector. 
    For example, if you want to scan outbound messages for content that includes credit card information, select Credit card number.
  10. (Optional) Set the following options:
    • Minimum number of matches—The number of times the specified content must appear in a message to trigger the action. For example, if you select 2, at least 2 different credit card numbers must appear in a message to trigger the action. Duplicate appearances of the same credit card number don’t trigger the action.
    • Confidence threshold—An additional measure used to determine whether messages trigger the action. There are two confidence threshold levels:
      • High: Fewer messages exceed the threshold, so fewer messages trigger the action. This might result in more false negatives: More messages being delivered when they shouldn't be. As a result, use this setting if you want messages to be delivered at the expense of occasionally letting messages through when they should trigger the action.
      • Medium: More messages exceed the threshold, so more messages trigger the action. This might result in more false positives: More messages triggering the action when they should simply be delivered. Use this setting if you're not sensitive to messages occasionally triggering the action when they should be delivered.
  11. Click Save.
  12. Choose whether you want to modify, reject, or quarantine the message. To verify content matches, try the quarantine option.
  13. Click Add setting or Save to close the dialog box.

    Any settings you add are highlighted on the Email settings page.

  14. At the bottom, click Save.

It can take up to an hour for users to see changes to their accounts.

 

 

Was this article helpful?
How can we improve it?