Nightfall Documentation
  • Data Detection and Response
  • Posture Management
  • Data Exfiltration Prevention
  • Data Encryption
  • Developer APIs
  • Data Classification and Discovery
  • Nightfall Data Encryption
  • Encryption FAQs
  • Gmail
    • Data Encryption for Gmail - Overview
    • Installing Nightfall DLP
      • Installing Nightfall DLP on Individual Devices
      • Installing Nightfall DLP Across Organization
    • Creating Policies for Encryption
      • Integration
      • Scope
      • Advanced Settings
      • Creating Policy
      • Remediation for Data Encryption
      • Encryption Policy FAQs
    • Nightfall Encryption - Sender Experience
    • Nightfall Encryption - Recipient Experience
    • Encryption Events Page
Powered by GitBook
On this page
  • Prerequisites
  • Creating Policy

Was this helpful?

Export as PDF
  1. Gmail

Creating Policies for Encryption

PreviousInstalling Nightfall DLP Across OrganizationNextIntegration

Last updated 8 months ago

Was this helpful?

Encryption policies allow Nightfall administrators to precisely control data encryption options for outgoing emails in Gmail. These policies offer granular control over who can access encryption features and what default settings are applied.

Key Features:

  1. Tailored policies:

    • Administrators can limit the policy's scope to specific users or groups, ensuring targeted application of encryption settings.

    • Sync users and groups from Google Directory, Okta, or Microsoft Entra ID for seamless integration.

  2. Default Encryption Settings: Once configured, policies automatically apply the specified encryption settings to outgoing emails for the selected users/groups.

    • Disable Forwarding: Hides the Forward button in Gmail for encrypted emails.

    • Prevents forwarding or adding recipients in Nightfall Secure Reader.

    • Set Expiration Date: Automatically sets a date after which the email becomes inaccessible to recipients.

    • Persistent Protection on Attachments: Ensures attachments are only accessible via the secure reader, preventing downloads.

  3. Sender Flexibility:

    • While default settings can be applied, senders retain the ability to modify these settings when composing emails.

This enhanced encryption policy system allows organizations to enforce robust security measures while maintaining user flexibility, ensuring that sensitive communications are protected according to specific organizational needs and compliance requirements.

Prerequisites

  • Install Google Chrome Extension: Nightfall admins must install the Nightfall DLP for Browser extension from the Chrome webstore. You can refer to to learn more about installing the Nightfall Chrome extension.

  • Setup directory sync with Google Directory, Entra ID or Okta as per your organization's identity provider. You can refer to the to learn more about setting this up.

Creating Policy

The process of creating a policy consists of the following steps.

Integration

Scope

Advanced Settings

Creating Policy

Remediation for Data Encryption

this document
identity provider installation instructions here