What’s changing
For select Google Workspace editions, admins can establish data loss prevention (DLP) rules for Google Chat that can help protect sensitive data from getting to unauthorized users. This feature is now available as an open beta, which means admins can use it without enrolling in a specific beta program.
Data loss prevention rules for Chat in the Admin console
Who’s impacted
Admins and end users
Why it’s important
Data leaks, whether accidental or malicious, are a top concern for our customers. Data protection rules for Chat help admins and security experts build a stronger framework around sensitive data to prevent personal or proprietary information from ending up in the wrong hands.
Admins can selectively apply data protection rules to:
- Messages in groups, spaces, and/or direct messages
- Messages between internal and/or external participants
- Message text and/or attachments
Once DLP rules are applied, messages and files in relevant conversations will automatically be scanned for sensitive information. Users will be notified about potential data loss, preventing it from leaving the organization accidentally or on purpose. Admins can configure the action to be taken in response to sensitive data being detected, such as: block from sending, warn before sending, and log for audit in the future.
Admins can configure these options to best fit the needs of their organization. If admins opt to log these events, they can be accessed in the Security Investigation Tool. This allows admins to do a comprehensive investigation and identify the reason for each incident and make adjustments to data protection policies as necessary.
Getting started
- Admins:
- This feature will be OFF by default and can be enabled at the domain, OU, or group level. You can create DLP rules in the Admin console under Security > Data Protection.
- Note: You can modify existing DLP rules for Drive and Chrome to also apply to Chat.
- Visit the Help Center to learn more about turning data loss prevention in Chat on for your organization.
Rollout pace
- Rapid Release and Scheduled Release domains: Gradual rollout (up to 15 days for feature visibility) starting on July 12, 2022
Availability
- Available to Google Workspace Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Standard, Education Plus, and the Teaching & Learning upgrade customers.
- DLP rules for Drive are also available for Cloud Identity Premium users who are licensed for Workspace editions with Drive audit log. Visit the Help Center for more information.
- Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Frontline, and Nonprofits, as well as legacy G Suite Basic and Business customers