Gmail Now Offers Alerts if Sensitive Data Is Being Sent

The new Google at Work data loss prevention feature gives warnings if sensitive data is in documents or emails before they are sent.

Google for Work, Gmail, Google Apps Unlimited, security, sensitive data, email

Google has unveiled a new data loss prevention (DLP) feature as part of its Google at Work paid offerings that can be set to alert users if an email or document they are about to send includes sensitive information such as credit card numbers or Social Security numbers.

The DLP feature, which is being offered to Google Apps Unlimited customers, was announced in a Dec. 9 post by Suzanne Frey, director of security, trust and privacy for Google Apps, on the Official Google for Work Blog.

The added security feature is available to Google Apps Unlimited customers immediately in Gmail, she wrote, while the company plans to also bring DLP to Google Drive in the future.

"Workers are constantly creating and sharing new ideas, and keeping these ideas safe needs to be simple, quick and reliable," Frey wrote in her post. "But sometimes mistakes happen; for example, you might hit 'Reply all' when meaning to send a private message. So today, if you're a Google Apps Unlimited customer, Data Loss Prevention (DLP) for Gmail will add another layer of protection to prevent sensitive information from being revealed to those who shouldn't have it."

Gmail DLP works by allowing organizations to set policies that flag messages which include sensitive information such as Social Security or credit card numbers, wrote Frey. Such a policy might say that sales department workers should not share customer credit card information with vendors, for example.

To prevent that, administrators can set up a DLP policy by selecting "credit card numbers" from a library of predefined content detectors, which would then be automatically checked against all outgoing emails from the sales department for potential action, wrote Frey. That could involve quarantining emails for review, telling users to modify the information or blocking the email from being sent while notifying the sender, she wrote.

"These checks don't just apply to email text, but also to content inside common attachment types―such as documents, presentations, and spreadsheets," Frey wrote. "And admins can also create custom rules with keywords and regular expressions."

Detailed information about the DLP feature can be found on the Google Apps Administrator Help page or in a DLP whitepaper provided by Google.

"Gmail DLP is the first step in a long term investment to bring rule-based security across Google Apps," wrote Frey. "We're working on bringing DLP to Google Drive early next year, along with other rule based security systems."

Google has made other security improvements for Google at Work users in 2015, including the introduction of Security Keys to make two-step verification more convenient and provide better protection against phishing. Also launched was Password alert, which is an open-source Chrome extension that helps users protect their passwords.

Also introduced this year were Google Apps identity services, which allow secure single sign-on access with SAML and OIDC support.

Plus, mobile device management and mobile app management features were completed across Google Apps, while Postmaster tools were launched to help Gmail users better handle large volumes of mail and report spam, according to Google.

New sharing features, alerts and audit events were also introduced to Drive for Google Apps Unlimited customers to provide more control over their information.