Configuring Google Drive Policies

Exfiltration policies allow you to monitor download events across your Google Drive environment. Through real-time download monitoring, you can identify insider risk and anomalous behaviour before it escalates to large scale security incidents. You can monitor download activity for specific users or user groups, specific drives containing valuable sensitive assets, or downloads of any files containing sensitive data types as discovered and classified by Nightfall's ML/AI based detectors.

You can set up your policies to monitor only, to educate users in real-time about your download and data governance policies, or to automatically suspend user access to the Google Workspace to enforce zero tolerance policies.

The detailed steps to configure the Google Drive Exfiltration policy is explained in the following documents.

Integration

Trigger

Automated Actions

Creating Policy

Remediation for Google Drive Exfiltration

Last updated