New System to Improve Data Loss Prevention (DLP) in Google Drive2020-01-30T14:21:42+00:00

Project Description

📖 3 mins read

Google is introducing a new data loss prevention (DLP) system that will make it easier to deploy more advanced detection policies for content on Google Drive. The new Drive DLP functionality can be found at: Admin console > Security > Data Protection. Key updates include:

  • Advanced detection policies that enable more detailed rules using nested conditions, volume-based detection, finer detection thresholds, and more.
  • New DLP incident management dashboard to see incident trends, view detailed incident reports, dry run rules, and more.
  • Simplified deployment with more flexible scoping, roles based access for admins, and more.

The new system is separate from the legacy Drive DLP system. 

Currently, the new DLP system (at Admin console > Security > Data Protection) will exist alongside the legacy DLP system (at Admin console > Rules). Rules created in the new system will be separate from rules in the legacy system, and both will continue to work. You can migrate legacy DLP rules to the new DLP by manually creating a new rule in the DLP and then deleting the legacy DLP rule. When you perform this migration, Google encourages you to consider reconfiguring them to use the more advanced functionality offered by the new system.

Who’s impacted


Why you’d use it

Protecting your company’s confidential data is critical. DLP supports this by giving you control over what users can share, and prevents unintended exposure of sensitive information. You can use it to prevent or warn users from sharing sensitive content (such as confidential information and customer social security numbers) outside of the domain on a per file basis. As an admin, you can also use the system to get alerts about policy violations and DLP incidents and to investigate information on the policy violation.

Google have developed this new system to provide a more advanced way for you to configure DLP for Drive, going beyond the previously announced Drive DLP systems (DLP for Drive, and DLP for shared drives). You can use it to make your deployment more powerful and flexible with more granular policies customized for the specific needs of your organization. Combined with added deployment flexibility, it will be easier to deploy more advanced DLP policies that add visibility into and control over your data.

Additional details

Advanced detection policies 

The new Drive DLP system provides more advanced functions to help admins configure deeper content detection rules including:

  • Nested conditions with AND, OR, and NOT – You can now define complex DLP rules leveraging a wide variety of conditions.
  • Volume-based detection – Enforce DLP actions based on the number of violations to reduce the incident volume.
  • Finer detection thresholds – Additional detection confidence thresholds help to balance DLP settings and reduce false positives.
  • Targeted detection – Choose to target detection to comments, suggestions, title, body or all content of a Drive file.

Additionally, you can now utilize DLP rule templates to quickly author new policies. Templates utilize predefined content detectors, which can then be fine-tuned with appropriate threshold levels suitable for your environment.

New System to Improve Data Loss Prevention (DLP) in Google Drive 1
More advanced rules can leverage nested conditions, targeted detection, and more. 

Incident management dashboard 

The new system includes a DLP dashboard that will help you test, understand, and manage rules and alerts in your domain, including by showing incident trends. Features include:

  • “Dry Run” for your data protection rules – Generate reports without having the rule active so you can start monitoring your environment without enforcing blocking actions.
  • New alert delivery options – Choose who receives alerts for specific rules, including additional members of the organization outside the super admin groups.
  • Detailed incident reports – See more detailed reports for all the DLP actions (block, warn, audit).
  • Integration with policy investigation tool – Help DLP response teams dig deeper into violations when needed.
New System to Improve Data Loss Prevention (DLP) in Google Drive 2
New dashboard helps you see violation trends. 
New System to Improve Data Loss Prevention (DLP) in Google Drive 3
New dashboard gives insight into your DLP alerts. 

Simplified deployment 
The new system makes it easier to deploy DLP rules with features like:

  • Roles-based access for administrators – Assign delegated admins for DLP functions in the Admin console. Learn more.
  • Predefined content detectors – Use 90+ predefined content detectors to help expand coverage and better manage policy violations.
  • Policy exports – Download a copy of DLP policies.
  • Flexibility for scoping policies – Scope DLP policies to include or exclude specific groups or OUs.

Getting started

  • Admins: This feature will be OFF by default and can be controlled at the domain, OU, or group level. Find the new DLP system at Admin console > Security > Data Protection.
  • End users: No action needed.

Rollout pace


  • Available to Google Workspace Enterprise, Google Workspace for Education, Google Workspace Enterprise for Education, and Drive Enterprise customers
  • Not available to Google Workspace Basic, Google Workspace Business, and Google Workspace for Nonprofits customers.


Thanks for sharing and spreading the word!
Go to Top