Creating Policies for Encryption

Encryption policies allow Nightfall administrators to precisely control data encryption options for outgoing emails in Gmail. These policies offer granular control over who can access encryption features and what default settings are applied.

Key Features:

  1. Tailored policies:

    • Administrators can limit the policy's scope to specific users or groups, ensuring targeted application of encryption settings.

    • Sync users and groups from Google Directory, Okta, or Microsoft Entra ID for seamless integration.

  2. Default Encryption Settings: Once configured, policies automatically apply the specified encryption settings to outgoing emails for the selected users/groups.

    • Disable Forwarding: Hides the Forward button in Gmail for encrypted emails.

    • Prevents forwarding or adding recipients in Nightfall Secure Reader.

    • Set Expiration Date: Automatically sets a date after which the email becomes inaccessible to recipients.

    • Persistent Protection on Attachments: Ensures attachments are only accessible via the secure reader, preventing downloads.

  3. Sender Flexibility:

    • While default settings can be applied, senders retain the ability to modify these settings when composing emails.

This enhanced encryption policy system allows organizations to enforce robust security measures while maintaining user flexibility, ensuring that sensitive communications are protected according to specific organizational needs and compliance requirements.

Prerequisites

  • Install Google Chrome Extension: Nightfall admins must install the Nightfall DLP for Browser extension from the Chrome webstore. You can refer to this document to learn more about installing the Nightfall Chrome extension.

  • Setup directory sync with Google Directory, Entra ID or Okta as per your organization's identity provider. You can refer to the identity provider installation instructions here to learn more about setting this up.

Creating Policy

The process of creating a policy consists of the following steps.

Integration

Scope

Advanced Settings

Creating Policy

Remediation for Data Encryption

Last updated