Enable content inspection on Gmail / Google mail
search cancel

Enable content inspection on Gmail / Google mail

book

Article ID: 378582

calendar_today

Updated On:

Products

CASB Gateway CASB Gateway Advanced CASB Security Advanced CASB Security Premium CASB Security Standard

Issue/Introduction

As of July 2024, Cloudsoc Gatelet introduced the support to scan the payload of the predefined Google Apps which extends the scope to the Email Body of Gmail. This article goes into the steps to implement a policy around it.

Environment

Gmail Gatelet Enabled and fully functional

Cause

Email Body is a special type of object, as of 3.171 (July's version) which is presented differently by the SaaS App itself, different than File attachment or Messages.

Resolution

1- Enabled the Payload Scan Feature on the tenant

  • Login to Cloudsoc Console
  • Navigate to "Settings > Gateway"
  • Locate the section related to "Payload Scan" and make sure it is enabled.

2- Enable the 'Payload scan' on Gmail Gatelet

  • Login to Cloudsoc Console
  • Navigate to "Store"
  • Locate "Gmail" Gatelet (or search for it)
  • Edit and Enable the payload scan if not enabled (Disabled by default)

 

3- Build a DIM DLP policy

craft a policy around the use case to be covered, with the above configuration, the contents of the email would be sent to the DLP for inspection.

Here is a simple Keyword based policy:

This should match an email body like this:

 

Additional Information

Powered by Wolken Software