Nightfall Documentation
  • Data Detection and Response
  • Posture Management
  • Data Exfiltration Prevention
  • Data Encryption
  • Developer APIs
  • Data Classification and Discovery
  • Welcome to Nightfall Documentation
  • Release Notes
    • Release Notes 2025
    • Release Notes 2021-2024
  • Introduction
    • Why Cloud DLP?
    • Introduction to Nightfall
    • Nightfall Overview
    • Cloud-native DLP vs. CASB
    • How Nightfall Works
    • Reasons to Choose Nightfall
    • Benefits of Nightfall
  • Compliance
    • How Nightfall Fits into Compliance Frameworks
    • ISO 27001 Compliance + DLP
    • SOC 2 Compliance + DLP
    • PCI Compliance + DLP
    • PHI Detector - More on Nightfall's HIPAA Compliance Detector
  • Getting Started
    • Installing Nightfall
  • Nightfall Detection Platform
    • Overview
    • Detectors
    • Choosing a Nightfall Detector
      • Compliance Use Cases
      • Data Protection Use Cases
    • Nightfall Detector Glossary
      • Secrets Detection
    • Creating Custom Detectors
      • Creating Dictionary Detector
      • Create File Type Detector
      • Create File Fingerprint Detector
      • Create Regular Expression Detector
      • Extend a Nightfall Detector
    • Create Detection Rules
    • Detection Platform Overview
    • Evaluating Detection
    • Creating Policies
      • Selecting Integration
      • Scope of the Policy
      • Detection Rules
      • Advanced Settings
      • Name and Risk Score
    • Historical Scan Detection Rules
    • Regex Library
    • Detection Platform FAQs
      • How can I reduce false positives in my findings?
      • What do different “Confidence Levels” mean?
      • What file types will Nightfall scan for sensitive data? What are the limitations?
      • How do I use Context Rules?
      • How do I use Exclusion Rules?
      • Does Nightfall have a regex library I can choose from?
      • Why does Nightfall sometimes miss to report SSN, credit card number, and so on?
      • Why does the Password Detector Report False Positive Zoom Password Findings?
  • Nightfall Detection & Policy Templates
    • Detection Rules
    • Nightfall Sample Data Sets
  • Dashboard and Events
    • Nightfall Dashboard
    • Sensitive Data Protection Events
      • Filtering Events
      • Event Filter Operators
      • Applying Actions on Events
      • Applying Bulk Actions on Events
      • Event Status
      • Deduplication and Automatic Resolution of Events
  • Setting up Alert Platforms
    • Nightfall Alert Platforms
    • Setting up Slack as an Alert Platform
    • Setting up Jira as an Alert Platform
    • Setting up MS Teams as an Alert Platform
  • Operationalizing Nightfall DLP
    • Playbook
    • Informing & Coaching Business Users
    • Alert Management Guiding Principles
    • Integrating with Security Tools
      • Integrating with SIEM
        • Integrating with Microsoft Sentinel
      • Creating Dashboards for Nightfall Alerts in Splunk
      • Creating Dashboards for Nightfall Alerts in Sumo Logic
      • Sending Alerts to Microsoft Teams
    • Frequently Asked Questions (FAQs) for End-Users
  • Nightfall Integrations
  • Nightfall for Slack
    • Nightfall for Slack: Quick Start
    • Getting Started With Nightfall for Slack
      • Requirements
        • Requirements for Nightfall DLP for Slack Enterprise
        • Requirements for Nightfall DLP for Slack Pro and Slack Business+
      • Installing Nightfall for Slack
        • Installing Nightfall DLP for Slack Enterprise
        • Installing Nightfall DLP for Slack Pro and Business+
    • Configure Alerts for Slack
    • Configuring Policies for Slack Pro and the Slack Business+ Editions
      • Slack Pro and Business+ App Selection
      • Configure Scope for Slack Pro and Slack Business+
      • Configure Detection Rules for Slack Pro and Slack Business+
      • Configure Automated Actions in Slack Pro and Slack Business+
      • Configure Advanced Settings in Slack Pro and Slack Business+
      • Risk Configuration in Slack DLP for Slack Pro and Slack Business+ Editions
      • Manage Events for Slack
    • Configuring Policies for the Slack Enterprise Edition
      • Slack App Selection
      • Configure Scope for Slack Enterprise
      • Select Detection Rules for Slack Enterprise
      • Configure Automated Actions in Slack Enterprise
      • Configure Advanced Settings for Slack Enterprise
      • Risk Configuration for Slack Enterprise
      • Manage Events for Slack Enterprise
    • FAQs
      • Can I redact sensitive message content in Slack?
      • Nightfall for Slack Pro vs Enterprise
        • Upgrading from Slack Pro to Enterprise
      • Can we customize the alert messages sent in Slack?
      • Can I Disable Detection in Private Channels or DMs?
      • What types of channels does Nightfall scan? Does Nightfall scan shared channels?
      • I am unable to view a sensitive message or file from the Nightfall alert channel.
      • Upon Slack installation, why am I seeing a 400 error mentioning a "Restricted Action"?
      • I send a sensitive message, edit it, and then admin applies the Redact action. What is the outcome?
      • How do I re-install Nightfall DLP for Slack Pro Edition?
      • How do I re-install Nightfall DLP for Slack Enterprise Edition?
  • Nightfall for GitHub
    • Getting Started
      • Requirements
      • Install Nightfall for GitHub
      • Configure Alerts for GitHub
    • Configure Policies for GitHub
      • GitHub App Selection
      • Configure Scope for GitHub
        • Use Regular Expressions to Exclude GitHub Directories
      • Configure Detection Rules for GitHub
      • Configure Advanced Settings for GitHub
      • Configure Risk Score for GitHub
    • Manage GitHub Events
    • Remediation on Nightfall for Github
  • NIGHTFALL FOR GOOGLE DRIVE
    • Getting Started
      • Requirements
      • Install Nightfall for Google Drive
      • Enable Google Drive Labels
      • Configure Alerts for Google Drive
    • Configure Policies for Google Drive
      • Google Drive App Selection
      • Configure Scope for Google Drive
      • Configure Detection Rules for Google Drive
      • Configure Advanced Settings for Google Drive
      • Risk Score for Google Drive
      • Manage Google Drive Events
  • Nightfall for Confluence
    • Getting Started
    • Install Nightfall for Confluence
      • Configure Alerts for Confluence
    • Configuring Policies for Confluence
      • Confluence App Selection
      • Configure Scope for Confluence
      • Configure Detection Rules for Confluence
      • Configure Advanced Settings for Confluence
      • Configure Risk Score for Confluence
      • Manage Confluence Events
    • FAQs
      • Page Restrictions
  • Nightfall for jira
    • Getting Started
    • Install Nightfall for Jira
      • Configuring Alerts for Jira
    • Configure Policies in Nightfall for Jira
      • Jira App Selection
      • Configure Scope in Nightfall for JIRA
      • Select Detection Rules in Nightfall for JIRA
      • Configuring Advanced Settings in Nightfall for JIRA
      • Configure Risk Score for Jira
      • Manage Jira Events
  • Nightfall for Microsoft 365
    • Getting Started
      • Microsoft 365 Requirements
      • Setting up Directory Sync
      • Setting up Microsoft Tenant
        • Update App Selection for a Registered Tenant
    • Nightfall for OneDrive
      • Configure Alerts for OneDrive
      • Nightfall Policies for OneDrive
        • OneDrive App Selection
        • Configure Scope for OneDrive
        • Configure Detection Rules for OneDrive
        • Configure Advanced Settings for OneDrive
        • Risk Score for OneDrive Policies
        • Manage OneDrive Events
    • Nightfall for Microsoft Teams
      • Configure Alerts for Microsoft Teams
      • Configure Policies for Microsoft Teams
        • Select Integration in Microsoft Teams
        • Configure Scope for Microsoft teams
          • Scope for Personal Chats
          • Scope for MS Teams Channels
        • Configure Detection Rules in Microsoft Teams DLP
        • Configure Advanced Settings in Microsoft Teams
        • Risk Score in Microsoft Teams Policies
        • Manage Microsoft Teams Events
  • Nightfall for Gmail
    • Overview
    • Install Nightfall DLP for Gmail
      • Configure Content Compliance Rules
        • Create Content Compliance Rule - Monitoring
        • Configure Content Compliance Rule - Quarantine
        • Configure Routing Rules - SMTP Relay Settings
    • Configure Alerts for Gmail
    • Nightfall Policies for Gmail
      • Gmail App Selection
      • Configure Scope for Gmail
      • Configure Detection Rules for Gmail
      • Configure Advanced Settings for Gmail
      • Configure Risk Score for Gmail
      • Manage Gmail Events
    • Remediation on Nightfall for Gmail
  • Nightfall For Salesforce
    • Overview
    • Getting Started
      • Install Nightfall DLP for Salesforce
      • Upgrade Nightfall DLP for Salesforce
      • Configure Alerts for Salesforce
    • Nightfall Policies for Salesforce
      • Salesforce App Selection
      • Configure Scope for Salesforce
      • Configure Detection Rules for Salesforce
      • Configure Advanced Settings for Salesforce
      • Risk Score for Salesforce
      • Manage Salesforce Events
    • FAQs
  • Nightfall for Zendesk
    • Getting Started
      • Requirements
      • Install Nightfall DLP for Zendesk
      • Configure Alerts for Zendesk
    • Configure Policies for Zendesk
      • Zendesk App Selection
      • Configure Scope for Zendesk
      • Configure Detection Rules for Zendesk DLP
      • Configure Advanced Settings in Zendesk
      • Risk Score for Zendesk
      • Manage Zendesk Events
  • Nightfall for Notion
    • Getting Started
      • Requirements
      • Steps
    • Install Nightfall for Notion
      • Verification of Notion Installation
    • Configure Alerts for Notion
    • Configure Policies for Notion
      • Notion App Selection
      • Configure Detection Rules for Notion
      • Configure Advanced Settings for Notion
      • Risk Score for Notion
      • Manage Notion Events
  • NIGHTFALL FOR Generative AI Applications
    • Overview
    • Install Nightfall for GenAI apps
      • Install Nightfall DLP on Individual Devices
      • Install Nightfall DLP Across Organization
    • Configure Alerts for GenAI apps
    • Creating GenAI Policies from Nightfall Console
      • AI Apps Selection
      • Configure Detection Rules for AI Apps
      • Configure Advanced Settings for AI Apps
      • Risk Score for AI Apps
    • Nightfall Browser Plugin Deployment Guide
    • GenAI Safe Usage and Data Protection Policy
  • Developer Section
    • Nightfall Firewall for AI
    • Nightfall Playground
  • Settings
    • Users and Roles
      • Authentication Options
    • Role Based Access Control (RBAC)
      • Security Analyst Role
      • Policy Manager Role
      • Security Events Manager Role
      • Security Operations Manager Role
      • System Administrator Role
    • Directory Sync
      • Add Microsoft Entra ID to Nightfall
      • Google Workspace Directory Service
      • Add Okta to Nightfall
    • Custom Branding
    • Customer Referral Program
  • Frequently Asked Questions (FAQs)
    • How long does it take to deploy Nightfall?
    • How do I deploy Nightfall?
    • What are some unique points about Nightfall that I should know?
    • Which languages does Nightfall support?
    • How does Nightfall yield time savings for my team?
    • Nightfall vs Legacy DLP: What's the difference?
    • How does Nightfall make my organization more secure?
    • Nightfall vs CASB: What's the difference?
    • Nightfall vs E-Discovery: What's the difference?
    • How does Nightfall classify data?
    • What types of data does Nightfall classify?
    • Does Nightfall scan unstructured data?
    • Does Nightfall require data to be already tagged?
    • How do I learn more about and test out Nightfall?
    • Using Service Accounts with Nightfall
    • Which permissions are required for each integration?
    • Where can I find active user counts for each SaaS application protected by Nightfall?
    • In the Atlassian Marketplace, why does it show that the Nightfall app is not approved in security?
    • How can I estimate the data volume that Nightfall needs to scan?
    • How can I check the Platform Status of Nightfall
  • Login to Nightfall
  • Contact Nightfall
Powered by GitBook
On this page
  • Admin Alerting
  • Automated Actions
  • Automated Action Scenarios
  • End-User Notification
  • Custom Message
  • Automation
  • End-User Remediation

Was this helpful?

Export as PDF
  1. NIGHTFALL FOR GOOGLE DRIVE
  2. Configure Policies for Google Drive

Configure Advanced Settings for Google Drive

Learn how to configure the advanced settings section in a Nightfall policy for the Google Drive.

PreviousConfigure Detection Rules for Google DriveNextRisk Score for Google Drive

Last updated 3 months ago

Was this helpful?

This stage allows you to select notification channels if a policy violation occurs. The notification alerts are sent at two levels; admin and end-user. Admin users are the Nightfall administrators who generally work on the Nightfall SaaS application and configure various settings in Nightfall. End-users are owners or editors of the file in which the violation was detected.

Admin Alerting

This section allows you to send notifications to Nightfall users.

The alert configurations configured in this section describe the process of creating alerts at the policy level. Policy-level alerts apply only to the policy on which they are configured. To configure an alert on all the Google Drive policies, you must configure alerts at the integration level. To learn more about how to configure integration-level policies for the Google Drive integration, read .

The steps to configure alert channels for policy-level integration are the same as in the case of integration-level alerts. You can refer to for steps.

Automated Actions

This section describes the various actions that Nightfall takes automatically when a violation is detected. You must turn on the toggle switch to enable an action. All the automated actions are permanent and cannot be reversed once applied. You can also use the delayed remediation feature to set the timeline as to when an action must be taken. You can either choose to apply the automated action immediately after detecting a violation or after some time.

The various automated actions are described as follows.

  • Remove all external users and groups: This action revokes the file access in which sensitive data was found. All external users and groups will no longer have access to the file. You must also configure the delayed remediation feature by selecting an option in the Trigger action field. You can either choose to apply the action You can either select the Immediately option to apply the automated action immediately after detecting a violation or select the After option to implement the automated action after a certain time delay. If you select the After option, you must also set the delay time. The automated action is implemented once the delay time is elapsed.

  • Remove all internal users and groups: This action revokes the file access in which sensitive data was found. All internal users and groups will no longer have access to the file.

  • Restricted: This action restricts the file access only to those users who have the link to access it.

  • Disable Download, Print, and Copy: This action disables downloading, printing, or copying the file in which sensitive data was found. This action is only applicable to users with the View and Comment permission. File owners can always download and copy the file.

  • Apply Labels: This action allows you to automatically apply labels on files with sensitive data. You can choose to apply either a badged label or standard labels. All the Labels are listed under the + Add Label drop-down menu. You must click this drop-down menu and select the required label(s).

Automated Action Scenarios

Change Link Settings to Restricted

Action Description

When executed, this action removes any existing Anyone with the link sharing settings. Disables public access to the file and limits access to only specifically designated users and groups. The sharing settings are updated to Restricted.

Supported Scenarios:

  • Files stored in user's personal drive

  • Files located in shared drives

  • Files currently configured with "Anyone with the link" access

  • Files currently shared with specific target audiences

Unsupported Scenarios

  • Files already set to "Restricted" access level

Remove External Users & Groups

Action Description: When executed, this action has a different impact on files that are part of a personal drive and files that are part of a shared drive.

For files in personal drives:

  • Identifies all external users and groups (outside the organization domain)

  • Removes their access permissions

  • Maintains internal user permissions

  • Preserves owner access

For files in Shared Drives:

  • Removes only directly assigned external users and groups.

  • However, external users and groups with access to the shared drive can continue accessing the file.

Supported Scenarios:

Personal Drive Files:

  • Removes all external users and groups

  • File owner retains access

Unsupported Scenarios:

Shared Drive Files:

  • External users with shared drive access retain their access

  • Permission inheritance from the shared drive cannot be overridden

Remove Internal Users & Groups

Action Description: When executed, this action has a different impact on files that are part of a personal drive and files that are part of a shared drive.

For Personal Drive Files:

  • Identifies all internal users and groups (within the organization domain)

  • Removes their access permissions

  • Maintains owner access

For Shared Drive Files:

  • Identifies directly assigned internal users/groups and removes only direct permissions.

  • Preserves drive-level access

Supported Scenarios:

Personal Drive Files:

  • Removes all internal users and groups

  • File owner retains access

Shared Drive Files:

  • Removes only directly assigned internal users and groups

  • Drive collaborators retain their access

Disable Download, Print and Copy

Action Description: When executed, this action:

  • Removes the ability to download the file

  • Disables printing functionality

  • Prevents copying of file content

  • Maintains view/edit access based on existing permissions

Supported Scenarios:

  • Files in user's personal drive

  • Files in shared drives

  • Files where these actions are currently enabled

Unsupported Scenarios:

  • Files where these actions are already disabled

  • File types that don't support permission restrictions

End-User Notification

This section allows you to configure notifications to be sent to the end user whose actions triggered the violation.

Custom Message

Automation

You can select one of the following methods. You must turn the toggle switch to use this option.

  • Via Slack: This option sends a Slack notification to the user whose actions triggered the violation.

  • Via Email: This option sends an Email to the user whose actions triggered the violation.

End-User Remediation

End-user remediation (also known as Human Firewall) allows you to configure remediation measures that end users can take, when a violation is detected on their Google Drive files. You must turn on the toggle switch to use this option. When an end-user action triggers a violation, they receive an email with content mentioned in the Custom Message section. Apart from the Email content, end users can also view one or multiple actions described below. All the actions that a Nightfall admin enables here, are visible to end-users in the Email.

  • Remove External User(s): This action revokes the file access permissions. All external users lose access to the file in which sensitive data was found. If you have enabled the Remove all external users and groups action in the Automated Actions section, this action is disabled.

  • Restricted Link: This action resets the file access permission to only those users who have the link to the file. If you have enabled the Restricted action in the Automated Actions section, this action is disabled.

  • Disable Download: This action disables the download of the file in which sensitive data was found. If you have enabled the Disable Download, Print, and Copy action in the Automated Actions section, this action is disabled.

  • Apply Labels: This action allows end-users to apply either badged label or standard labels on the files with sensitive data. End-users can apply a single badge label and up to four standard labels. If you have enabled the Apply Labels action in the Automated Actions section, this action is disabled.

  • Report as False Positive with Business Justification: This option allows end users to report false positive alerts and provide a business justification as to why the alert is considered to be false positive.

  • Report as False Positive: This option allows end users to report false positive alerts.

When a Violation is Reported as False Positive: You can use this option to set actions to be taken when a violation is reported as false positive by the end-user. You can either set the remediation to be automatic or manual.

Remind Every (until Violation expires): You can use this option to set a reminder for the end-user to take action on the violation. You can choose to remind the end user every 24, 48, or 72 hours.

Enter a custom message to be sent to the end user. This message is sent in an Email. You can modify the default message provided by Nightfall and draft your message. The total character length allowed is 1000 characters. You can also add hyperlinks in the custom message. The syntax is <link | text >. For example, to hyperlink with the text Nightfall website, you must write < | Nightfall website> .

https://www.nightfall.ai
https://www.nightfall.ai
this document
this document