Google recently announced a number of new security features for Gmail users in the enterprise. Last year, the company launched its Data Loss Prevention (DLP) feature for Google Apps Unlimited users that helps businesses keep sensitive data out of emails. Today, it’s launching the first major update of this service at the RSA Conference in San Francisco. The DLP feature allows businesses to set rules for what kind of potentially sensitive information is allowed to leave and enter its corporate firewall through email.
The most important new feature here is that DLP for Gmail can now also use optical character recognition to scan attachments for potentially sensitive information (think credit card numbers, drivers license numbers, social security numbers, etc.) and objectionable words (maybe a swear words or a secret project’s codename). DLP was already able to scan attachments before, but until now, it wouldn’t have been able to detect a social security number in an image-based file, for example. Now, DLP will also scan these files and admins can set up rules to reject or quarantine emails based on the settings they have decided on for their company.
In addition, Google is also launching a set of new predefined content detectors for DLP that will make it easier for admins to scan emails for personally identifiable information in a number of new countries and, according to Google, “offer broader coverage of HIPAA data.” With today’s update, Google is also making it easier for admins to handle emails differently depending on the number of rule violations. Using this new feature, a company may decide that an email with a single credit card number will go into quarantine, for example, while one with fifty rule violations will be outright rejected.
Admins can now also tighten and loosen detection criteria for the many detectors based on their needs, which should help avoid false positives.