Google continues enterprise push with Data Loss Prevention for Gmail

The feature lets enterprises protect their information from being shared via email

150817 google headquarters 3

A building at Google's headquarters in Mountain View, California, on August 17, 2015.

Credit: Martyn Williams

Google on Wednesday released a new tool for companies that want to make sure their sensitive information isn't shared via email.

Gmail for Work now has Data Loss Prevention (DLP) capabilities, which allow administrators to set policies about what information users can send through Gmail. The goal is to protect confidential records and make sure users don't accidentally leak key data. For example, a policy could prohibit members of the accounting team from sending any emails with a spreadsheet attached. 

Policies could also be used to quarantine messages until an administrator can review them, or modify them to remind users not to share confidential information outside of the company. Google has tried to make crafting those policies easier with a library of predefined content detectors that help administrators build intelligent policies. For situations that aren't covered by the pre-built detectors, administrators can create their own. 

One of the interesting capabilities in Gmail's DLP system is that it can actually scan inside the contents of common attachments including presentations, documents and spreadsheets to make sure the files people are sending with emails also conform to company policy. 

Google also scans attachments to determine what types of files users are sending. That means users shouldn't be able to circumvent policies around emailing .xls files by changing the file type to .doc. 

Gmail isn't the first email product to provide data loss prevention capabilities. Microsoft's Exchange Server and Exchange Online products also allow administrators to set rules around what their users can do, and other companies like Cisco and Symantec provide DLP systems as well. 

The feature launch is part of Google's continued push to make its products more interesting to businesses -- especially large enterprises. The company has made several moves to attract businesses, like getting its Apps for Work product certified for the ISO 27018 privacy standard.