Learn how to get started with Nightfall DLP for Google Drive.
Please follow the link to below, to our main Nightfall website page, which includes access to the Walkthrough Demo Video for Google Drive: https://nightfall.ai/nightfall-demo-google-drive-dlp Note: The video is gated by a company email input prompt.
To install the Nightfall DLP for Google Drive integration, you must have the following:
A Google Workspace account, preferably a service account.
An admin user account of your organization's Google Workspace account (or any other Google Workspace account) on which you wish to install the integration.
The Nightfall for Google Drive integration allows you to configure alerts at the policy level and also at the integration level. Alerts can be sent in Google Drive by using the following alert channels.
Slack
Webhook
Jira Tickets
When you configure alert settings at the integration level, the alert settings apply to all the policies, created for the Google Drive integration. However, when you configure alert settings specifically for a policy, which is created in the Google Drive integration, the alert settings are applicable only for that specific policy.
This document explains how to configure alerts at the integration level.
To use Slack as an alert platform, you must first perform the required Slack configurations. You can refer to this document to learn more about how to configure Slack as an Alert platform.
To use Webhook as an alert platform, you must first perform the required Webhook configurations. You can refer to this document to learn more about how to configure Webhook as an Alert platform.
To use JIRA as an alert platform, you must have the DLP for the JIRA app installed from the Atlassian Marketplace. You can read more about the DLP for JIRA integration here.
You can configure alerts at the integration level once you have installed the Nightfall for Google Drive DLP integration.
To configure alerts at the integration level:
Navigate to the Google Drive integration.
Scroll down to the Google Drive section.
You can configure one or multiple alert channels.
To configure Slack as an alert channel, click + Slack channel.
In the Slack alert channel field, enter the name of the Slack channel in which you wish to receive the alerts.
Click Save.
A confirmation pop-up box is displayed to confirm if the Slack channel (entered in the second step) must be used only for Google Drive DLP integration or all the Nightfall integrations.
Select No, only integration level to use the Slack channel only for Google Drive DLP, or select Yes, please to use the selected Slack channel for all the Nightfall integrations.
Click + Email.
Enter the Email ID of the recipient who should receive the notifications.
Click Save.
A confirmation pop-up box is displayed to confirm if the Email ID (entered in the second step) must be used only for Google Drive DLP integration or all the Nightfall integrations.
Select No, only integration level to use the Slack channel only for Google Drive DLP, or select Yes, please to use the selected Slack channel for all the Nightfall integrations.
Click + Webhook.
Enter the Webhook URL.
Click Test. If the test result is not successful, check the Webhook URL.
(Optional) Click Add Header to add headers.
Click Save.
When you configure alerts to a Webhook, Nightfall AI sends occasional posts to:
To validate that the Webhook is properly configured before the policy is saved.
Periodically thereafter to ensure that the Webhook is still valid.
The response to the test Webhooks is 200 status code if successful.
An example of Webhook request is as follows.
This is part of alert event consumption and can be ignored.
Click + Jira Ticket.
Select a JIRA project from the Jira Project drop-down menu.
Select an issue type from the Issue Type drop-down menu.
(Optional) Add comments to be added in the JIRA ticket.
Click Save changes.
A confirmation pop-up box is displayed to confirm if the JIRA settings configured for the Google Drive DLP integration must be applied to all the other Nightfall integrations too.
Select No, only integration level to use the configurations only for Google Drive DLP, or select Yes, please to use the selected JIRA configurations for all the Nightfall integrations.
When a Violation occurs, Nightfall sends a notification to the end-user whose actions triggered the violation. While notifying the end-user, Nightfall also sends a text message. You can draft the text message to be sent to the end-user. This message applies to all the policies. Click Save changes once done.
Labels in Google Drive support various business operations by adding additional metadata to files. Nightfall leverages Google Drive labels to identify sensitive data in Google Drive files and apply automated actions based on labels. To learn more about Google Drive labels, refer to this Google document.
To enable Google Drive labels, you must perform the following prerequisite actions.
#adding-scope-of-google-drive-labels-api
#enabling-google-drive-labels-api
To use Google Drive labels, Nightfall admins must perform the following configurations in your Google Workspace account. You must have the client ID of your Google Workspace.
Log in to Google Workspace as an admin.
Navigate to Domain wide delegations.
Click Add a filter.
Select Client ID.
Enter the client ID and click Apply.
The matching account is displayed.
Hover your mouse to the right and click Edit.
In the OAuth scopes field, enter the following scope and click Authorize.
Once the scope is added, Nightfall admins must enable the Google Drive Label API. Nightfall recommends you to read this Google documentation on enabling APIs before proceeding with this section.
Navigate to the Google Drive Labels API from the GCP console that can be found here.
Click the Select a Project menu.
The list of Google projects is displayed.
Select a Project that has the Service Account, used to install the Nightfall Google Drive integration
Click Enable.
Important
Before using Google Drive Labels in Google Drive policies, ensure that you have created the appropriate Google Drive Labels. To learn more about creating Google Drive labels, refer this Google Document.
This document explains the steps to install the Nightfall DLP for Google Drive. Nightfall recommends that you read the Requirements document for Google drive installation and then proceed with this document.
To install Nightfall for Google Drive:
Log in to Nightfall.
Click Google Drive under the MY INTEGRATIONS section (click Show more if you are unable to view Google Drive)
Click Begin Setup.
The access permission page is displayed as follows. Copy the client ID and Scopes ID generated.
Login to your Google Workspace with an admin account.
Click the menu icon.
Select Admin.
In the Admin console left pane, expand Security and then expand Access and data control.
Click API controls.
Click MANAGE DOMAIN WIDE DELEGATION under Domain wide delegation.
Click Add New.
Paste the Client ID copied from the Nightfall app, in the Client ID field.
Paste the Scopes ID copied from the Nightfall app, under OAuth Scope field. Use comma to add multiple scope IDs.
Click AUTHORIZE.
Return to the Nightfall app and click Next Step.
Click Connect.
Note
Once the installation is complete, Nightfall needs to sync data from your Google Drive. This process takes a few minutes. You can create policies before the sync process is completed. However, the process of scanning files begins once the sync is completed.
Once the installation and sync is completed, Nightfall connects to your Google Workspace account and fetches all the domains. In the above image, you can see that 3 domains are fetched. These three domains were already present in your Google Workspace and are internal to your organization. Nightfall also allows you to add external domains as internal domains. You can do this by clicking the ellipsis menu at the right end and selecting Manage Domains.
The Manage Domains window is displayed as follows.
Enter the domain name in the Domain Name field, hit the enter key, and click Confirm.
