Build a GSuite Securlet policy to control the "Searchable" feature of a share
Article ID: 270043
Updated On:
Products
Issue/Introduction
The process to share a file in GSuite requires a few parameters and one of them is the ability to make the share either "Searchable" or not. This feature is available only when the file is shared with the whole internal organization.
The use case here is to control the type(s) of "Searchable" feature used within the organization.
To clarify further:
- Select a file on Google Drive for example,
- click on Share,
- then select the "Organization" then click on the role,
- On the popped up snippet, scroll down to "SEARCHABLE" section.
Environment
GSuite is active, and DLP Enforce is connected.
Resolution
A new contextual attribute has been introduced on Cloudsoc version 3.160, with the new condition, a DLP policy rule can be used to match on either type of the "Searchable" feature.
Here are the steps:
1- Create a DLP policy with a contextual attribute rule:
2- Add a rule > Give it a display name > set the attribute type to "Boolean Attribute" > set the name to "common.doc.searchable" > set the value as desired to either "True" or "False"
3- Set the rest of the DLP policy parameters as required (Response action, group ..etc)
The expected behavior:
if the Boolean value is set to "True" as in the above screenshot, then this policy will match only the shares made searchable, but it won't match the share if it is made by "link" only.
Feedback
