search cancel

Write a content inspection policy for Google Keep Securlet

book

Article ID: 254711

calendar_today

Updated On:

Products

CASB Securlet SAAS

Issue/Introduction

Google GSuite Securlet has the capability to include Google Keep activities as well. This article goes over the steps to configure a content inspection policy for Google Keep on DLP Enforce.

Environment

  1. Google Gsuite/Workspace Securlet is activated with Google Keep (if not, here is a KB article on how to enable Google Keep)
  2. DLP Enforce is integrated with Cloudsoc

Resolution

It's a three parts process.

1) Policy Group

Choose a policy group or create a new policy group to be used for the "Google Keep" Securlet policies

2) Define an Application Detector

  • Log in to your DLP Enforce instance 
  • Navigate to the "Application Detection" screen (Manage > Application Detection)
  • Add a new Application Detector with a custom Securlet Name "Google Keep"
  • Associate the Application Detector with the Policy Group used for Google Keep

 

3) Policy

  • Navigate to the Policy Screen
  • Create a new policy and add the rules and response actions as needed
  • Associate the policy with the same Policy Group created on step 1

4) Verify that the modifications on the application Detection is Sync'ed to Cloudsoc/CDS

5) DLP incidents will look like this:

Additional Information

Note: Adding "Google Keep" to the predefined list of Securlets in DLP Enforce is in the roadmap.

Attachments