# Installing Nightfall DLP Across Organization

The steps in this document can only be performed by a Nightfall admin installation process can only be performed by a Google Workspace admin and the plugin is installed on all the user devices that are part of the Google Workspace. Google Workspace admins can install the plugin in two ways which are described as follows.

## Rollout Using MDM

Google Workspace administrators can use an MDM solution to rollout the extension across the chromium browsers. 

* [JAMF](https://learn.jamf.com/bundle/technical-paper-aws-verified-access/page/Downloading_and_Deploying_the_Manifest_File.html)
* [Kandji](https://support.kandji.io/support/solutions/articles/72000560463-google-chrome-management)
* [Chrome on Windows](https://support.google.com/chrome/a/answer/7532015?hl=en)
* [Edge on Windows](https://learn.microsoft.com/en-us/deployedge/microsoft-edge-manage-extensions-policies#force-install-an-extension)

## Rollout Using Chrome Management Google workspace

To rollout Chrome plugin using Chrome management:

1. Log in to your Google Workspace admin console.
2. Navigate to **Devices > Chrome > Apps & extensions**.
3. Click the **Users & browsers** tab.

<figure><img src="/files/H8wPHRRCrC4ZyA3ES6CM" alt=""><figcaption></figcaption></figure>

4. Select the OU on which you wish to install the Nightfall DLP for browsers. By default, the top most level OU is selected.&#x20;

<figure><img src="/files/WaRqlQmJTPrcP4s0uRUK" alt=""><figcaption></figcaption></figure>

5. Hover the mouse on the **+** icon and select the **Add from Chrome Web Store** option.

<figure><img src="/files/n4hZesI01VaKWq4gFDsK" alt=""><figcaption></figcaption></figure>

6. Search the term `Nightfall` in the search console and select **Nightfall DLP for Browsers**.&#x20;

<figure><img src="/files/PePyb3GDPQcH7LwNEjAo" alt=""><figcaption></figcaption></figure>

7. Click **Select**.&#x20;

<figure><img src="/files/qwozCfGh9c81wBjB7gWP" alt=""><figcaption></figcaption></figure>

8. Click the **Installation policy** drop-down menu (by default, the **Allow install** option is selected in this drop-down menu).

<figure><img src="/files/WNNTf1mt1Gdb7lLrlOZq" alt=""><figcaption></figcaption></figure>

9. Select the **Force install** option. (you can also select the **Fore install + pin to browser toolbar** option).

<figure><img src="/files/jg4TqZMGOnJ9BKAfUNRz" alt=""><figcaption></figcaption></figure>

10. Click **SAVE**.

<figure><img src="/files/koCQJUJdCWiCvQbOD6CO" alt=""><figcaption></figcaption></figure>

### Grant access to the Nightfall DLP app

Depending on the security settings of your organization, you may be required to follow additional steps to grant access to Nightfall access to specific data from Gmail. If you encounter the following error while sending an encrypted email using the Nightfall Chrome extension, it is likely because Nightfall does not have access to the necessary permissions in your Google Workspace organization:

<figure><img src="/files/Zo2NpY3vqGmiUPlobp7j" alt=""><figcaption></figcaption></figure>

Kindly follow these steps to resolve the issue:

1. Navigate to **Security > Access and data control > API Controls** and click **Manage App Access**

<figure><img src="/files/87q0NfnjE4t0Er8Aqy6S" alt=""><figcaption></figcaption></figure>

2. Look for the **Nightfall DLP** app (ID: `1088094470518-78rkhmpb4de8hj663tlntdlh5avri759` ) and click **Change access**

<figure><img src="/files/cdwOI3GsgdicFvVuGW8i" alt=""><figcaption></figcaption></figure>

3. Select your organization's name in the following screen and click **Next**

<figure><img src="/files/JKoqQRTqAUbsTt2uvBpX" alt=""><figcaption></figcaption></figure>

4. Select **Specific Google data** and click **Next**

<figure><img src="/files/0ChvDGVbsjvJpreBGJUu" alt=""><figcaption></figcaption></figure>

5. Allow a few minutes for the changes to propagate to all your users. Once you've completed the above steps, reopen Chrome and launch Gmail in a new tab to send encrypted emails.

## Announce the Nightfall DLP Browser Installation

Once you have installed the Nightfall DLP browser, you can notify your organization of the benefits it can get them. You can educate them about the importance of encrypting emails before sending them. You must also train users on how to encrypt emails with Nightfall. You can redirect the users to Nightfall documentation for [Nightfall Encryption - Sender Experience](/data-encryption/gmail/nightfall-encryption-sender-experience.md) and [Nightfall Encryption - Recipient Experience](/data-encryption/gmail/nightfall-encryption-recipient-experience.md).&#x20;

{% hint style="info" %}
If you wish to exchange encrypted emails between your organization and an external entity, you can ask them to install the Nightfall Browser DLP on their devices. You can ask them to refer to this doc which talks about [installing the Nightfall Browser DLP on individual devices](https://help.nightfall.ai/nightfall-email-encryption-management/encryption-for-gmail/installing-nightfall-dlp-for-browsers).&#x20;
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.nightfall.ai/data-encryption/gmail/installing-nightfall-dlp/installing-nightfall-dlp-across-organization.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.