Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DLP Policy Moving to Common Controls #454

Open
mdueltgen opened this issue Oct 3, 2024 · 0 comments
Open

DLP Policy Moving to Common Controls #454

mdueltgen opened this issue Oct 3, 2024 · 0 comments
Assignees
@mdueltgen
Labels
Baseline Revision Common Controls Internal Discussion scb update tracking
Milestone
Driftwood

Comments

@mdueltgen
Copy link
Collaborator

mdueltgen commented Oct 3, 2024
edited
Loading

DLP now exists for Gmail, Google Chat, and Drive Docs

I aim to remove Drive Docs 7.1 and Chat 5.1 and make one consolidated DLP policy in common controls.

This would also cover Issue #286 and would close out PR #452 and PR #450

Below is my draft for the policy

`#### GWS.COMMONCONTROLS.18.1v0.3
Agencies SHOULD configure DLP rules to block or warn on sharing files with sensitive data.

Resources

Prerequisites

  • None

Implementation

GWS.COMMONCONTROLS.18.1v0.3 Instructions

  1. Sign in to the Google Admin Console.
  2. Select Menu -> Security -> Access and data control -> Data protection.
  3. Click Manage Rules.
  4. For each DLP rule necessary to meet the standards of an agency:
  5. Click Add rule -> New rule or click Add rule -> New rule from template. For templates, select a template from the Templates page.
    1. For new rules:
    1. In the Name section, add the name and description of the rule.
    1. In the Scope section, apply this rule only to the entire domain or to selected organizational units or groups, and click Continue. If there's a conflict between organizational units and groups in terms of inclusion or exclusion, the group takes precedence.
    1. In the Apps section, choose the trigger for Google Drive, Drive files, Google Chat, Message sent, File uploaded,amd Gmail, Message sent then click Continue.
    1. In the Conditions section, click Add Condition.
    1. Configure appropriate content definition(s) based upon the agency's individual requirements and click Continue.
    1. In the Actions section, select the appropriate action to warn or block sharing for Google Chat, Gmail, and Google Drive based upon the agency's individual requirements.
    1. In the Alerting section, choose a severity level, and optionally, check Send to alert center to trigger notifications.
    1. Review the rule details, mark the rule as Active, and click Create.`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mdueltgen mdueltgen

Labels
Baseline Revision Common Controls Internal Discussion scb update tracking
Projects
None yet
Milestone
Driftwood
Development

No branches or pull requests
1 participant
@mdueltgen