Write a content inspection policy for Google Keep Securlet
book
Article ID: 254711
calendar_today
Updated On:
Products
CASB Securlet SAAS
Issue/Introduction
Google GSuite Securlet has the capability to include Google Keep activities as well. This article goes over the steps to configure a content inspection policy for Google Keep on DLP Enforce.
Environment
Google Gsuite/Workspace Securlet is activated with Google Keep (if not, here is a KB article on how to enable Google Keep)
DLP Enforce is integrated with Cloudsoc
Resolution
It's a three parts process.
1) Policy Group
Choose a policy group or create a new policy group to be used for the "Google Keep" Securlet policies
2) Define an Application Detector
Log in to your DLP Enforce instance
Navigate to the "Application Detection" screen (Manage > Application Detection)
Add a new Application Detector with a custom Securlet Name "Google Keep"
Associate the Application Detector with the Policy Group used for Google Keep
3) Policy
Navigate to the Policy Screen
Create a new policy and add the rules and response actions as needed
Associate the policy with the same Policy Group created on step 1
4) Verify that the modifications on the application Detection is Sync'ed to Cloudsoc/CDS
5) DLP incidents will look like this:
Additional Information
Note: Adding "Google Keep" to the predefined list of Securlets in DLP Enforce is in the roadmap.