Installing Nightfall DLP Across Organization

The steps in this document can only be performed by a Nightfall admin installation process can only be performed by a Google Workspace admin and the plugin is installed on all the user devices that are part of the Google Workspace. Google Workspace admins can install the plugin in two ways which are described as follows.

Rollout Using MDM

Google Workspace administrators can use an MDM solution to rollout the extension across the chromium browsers.

Rollout Using Chrome Management Google workspace

To rollout Chrome plugin using Chrome management:

  1. Log in to your Google Workspace admin console.

  2. Navigate to Devices > Chrome > Apps & extensions.

  3. Click the Users & browsers tab.

  1. Select the OU on which you wish to install the Nightfall DLP for browsers. By default, the top most level OU is selected.

  1. Hover the mouse on the + icon and select the Add from Chrome Web Store option.

  1. Search the term Nightfall in the search console and select Nightfall DLP for Browsers.

  1. Click Select.

  1. Click the Installation policy drop-down menu (by default, the Allow install option is selected in this drop-down menu).

  1. Select the Force install option. (you can also select the Fore install + pin to browser toolbar option).

  1. Click SAVE.

Grant access to the Nightfall DLP app

Depending on the security settings of your organization, you may be required to follow additional steps to grant access to Nightfall access to specific data from Gmail. If you encounter the following error while sending an encrypted email using the Nightfall Chrome extension, it is likely because Nightfall does not have access to the necessary permissions in your Google Workspace organization:

Kindly follow these steps to resolve the issue:

  1. Navigate to Security > Access and data control > API Controls and click Manage App Access

  1. Look for the Nightfall DLP app (ID: 1088094470518-78rkhmpb4de8hj663tlntdlh5avri759 ) and click Change access

  1. Select your organization's name in the following screen and click Next

  1. Select Specific Google data and click Next

  1. Allow a few minutes for the changes to propagate to all your users. Once you've completed the above steps, reopen Chrome and launch Gmail in a new tab to send encrypted emails.

Announce the Nightfall DLP Browser Installation

Once you have installed the Nightfall DLP browser, you can notify your organization of the benefits it can get them. You can educate them about the importance of encrypting emails before sending them. You must also train users on how to encrypt emails with Nightfall. You can redirect the users to Nightfall documentation for Nightfall Encryption - Sender Experience and Nightfall Encryption - Recipient Experience.

If you wish to exchange encrypted emails between your organization and an external entity, you can ask them to install the Nightfall Browser DLP on their devices. You can ask them to refer to this doc which talks about installing the Nightfall Browser DLP on individual devices.

PreviousInstalling Nightfall DLP on Individual DevicesNextCreating Policies for Encryption

Last updated

Was this helpful?