[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

What’s changing

In addition to Google Drive, we’re expanding data classification labels to now include Gmail. Classification labels are used to classify and audit content according to organizational guidelines (“Sensitive”, “Confidential”, etc.) and apply policies, such as data loss prevention (DLP) rules, to protect sensitive information in email messages. Classification labels will be available when using Gmail on the web – support for Gmail on mobile devices will be introduced in the coming months.

Who’s impacted

Admins and end users

Why it’s important

Data breaches are increasingly common and costly across all sectors, including enterprises, public sectors, and government institutions. To minimize data exfiltration and better understand the data being shared, organizations need to differentiate between various types of information and their sensitivity levels to apply data protection policies accordingly. By expanding data classification labels to Gmail, Google Workspace provides admins with a more flexible and robust system integrated with data protection capabilities to help organizations effectively categorize and protect sensitive information. 

Specifically, admins can create:

  • New classification labels or extend existing ones enabled in Drive labels for Gmail from the Label Manager. Labels can be used to  denote department names, document types, document status, and other custom categories. 

The Label Manager tool can be accessed in the Admin console  by going to Security > Access and data control


  • Data protection rules with classification label as a condition, to apply actions to a message based on its classification. For example, a message will be blocked if it’s classified as ‘Internal’ and is being sent to an external recipient.
Notification about delivery failure due to DLP policy, blocking messages labeled as ‘Confidential’ to be sent to recipients outside of the organization




  • Data protection rules to automatically apply classification labels to a message, based on its content. For example, a ‘Confidential’ label can be applied to a message if it contains sensitive financial information, such as credit card or bank account numbers.
Data protection rule with ‘Apply a label’ action. Classification label specified in the rule will be applied to a message, if message contains information matching conditions of the rule

  • DLP rules with Confidential Mode as a condition to prevent sending messages with sensitive information, if it is not encrypted (Confidential Mode is not enabled)
Data protection rule is set up to detect messages with sensitive information (credit card or passport numbers) and confidential mode disabled in order to enforce sending such info with enhanced protection measures





  • End users can view and apply Classification Labels when using Gmail on the web.
Users can apply classification labels to a message, according to the organization’s data governance policies



Additional details
  • When Data loss prevention (DLP) rules for Gmail using classification labels either as a condition or as an action, messages are scanned asynchronously. This means that the message is classified, blocked or quarantined after it leaves the sender's mailbox) and before being dispatched to the recipient. In a future release, we plan to provide synchronous support with instant notifications consistent with our synchronous support of instant DLP enforcement for Gmail.

Note that:
    • If the message is blocked as a result of the classification label applied to it, the sender will get a bounce back message.
    • If the message is automatically labeled by a DLP rule, the sender will not see the label reflected in the sent message. The recipient will see the automatically applied label the same way as any other classification label applied manually by the sender.

  • Only Badged options list and Multiple Options list (Single select) field types are supported in Gmail. If classification labels are enabled for usage in both Gmail and Drive, and it contains fields that are not supported in Gmail, such as date or persona, Gmail users will see the label only with fields of the supported types.
Getting started
  • Admins: 
  • End users: If configured by your admin, you’ll see the “Classification” option when composing a new messaging or replying to an existing message — when you open the menu, you can select labels relevant to your message. Visit the Help Center to learn more about adding classification labels in Gmail.

Rollout pace

Availability
  • The Label Manager and manual classification is available to Google Workspace:
    • Frontline Starter and Standard
    • Business Standard and Plus
    • Enterprise Standard and Plus
    • Education Standard and Education Plus
    • Essentials, Enterprise Essentials, and Enterprise Essentials Plus

  • Data loss prevention rules with labels as a condition or labels as an action are available to:
    • Enterprise Standard and Plus
    • Education Fundamentals, Standard, Plus, and the Teaching & Learning Upgrade
    • Frontline Standard
    • Cloud Identity Premium (in combination with a Workspace Edition eligible for Gmail)
Resources





Labels: , , , ,

What’s changing

Earlier this year, we launched Google Workspace extensions for Gmail, Google Drive and Google Docs in open beta for the Gemini app. Beginning today, we’re pleased to announce that Google Calendar, Google Keep and Google Tasks are also available as Workspace extensions in the Gemini app.

Who’s impacted

Admins and end users

Why you’d use it

Extensions allow the Gemini app to interact with other Google apps and services, helping to provide more contextual and relevant responses to your prompts and take certain actions across apps. For example, you can use extensions to:

Calendar
  • Create an event in Google Calendar based on specific details or based on your conversation with the Gemini app
  • Find events for a specific day, date range, or based on event details
  • Edit or cancel events in Calendar

Tasks
  • Add reminders and tasks, including those based on your conversation with the Gemini app
  • View a list of your tasks and update your tasks

Keep
  • Create notes and lists, including those based on your conversation with the Gemini app
  • Add an item to your existing list
  • Find content from your notes and lists
  • Reference your notes and lists in your conversation with the Gemini app
Additional details
  • If your prompt includes multiple actions that require separate apps or services, but one or more of the required services are not enabled, neither of the actions will be completed. For example, if you prompt Gemini to create an event on your calendar and a reminder for that event but the Tasks extension is not enabled, the event will not be added to your calendar and you will not get a reminder.
  • As a reminder, during the open beta period, Context-Aware Access (CAA) for Gmail, Drive, Docs, Calendar, Keep and Tasks isn’t supported with Google Workspace extensions. Context-Aware Access gives you control over which apps a user can access based on their context, such as whether their device complies with your IT policy. Learn more about Context-Aware Access.
  • Google Workspace extensions is not available to Google Workspace users accessing Gemini as an additional Google service.
  • Note that Google Workspace personal content the Gemini app gets from extensions is not reviewed by anyone to improve AI models, not used to train AI models, and not shared with other users or institutions.
Getting started
  • Admins: 
    • Google Workspace extensions in Gemini are OFF by default and can be enabled at the OU or Group level.
      • If Google Workspace extensions are already enabled, then the Workspace extensions for Calendar, Keep and Tasks will show up automatically for your users.
    • Visit the Help Center to learn more about turning Google Workspace extensions on or off for your organization. 

  • End users: If enabled by your admin, connecting Google Workspace allows users to summarize, get quick answers, and find information from Calendar, Keep and Tasks in addition to Gmail, Docs, and Drive directly in Gemini. Visit the Help Center to learn more about using Google Workspace extensions.
Rollout pace

Availability
Available for Google Workspace customers with these add-ons:
  • Gemini Business
  • Gemini Enterprise
  • Gemini Education
  • Gemini Education Premium


Resources

Labels: , , , , , ,

What’s changing

Under the umbrella of our data migration services, we’re introducing a new file migration service for Admins to transfer files between OneDrive data to Google Drive for up to 100 users at a time. Available directly under the Admin console, super admins can now migrate all your files and folders, as well as their corresponding access permissions with shared members. Starting a migration entails a few simple steps:

  • First, connect to the Microsoft OneDrive account you want to transfer files from
  • Next, set the migration scope by identifying the email addresses of Microsoft OneDrive users that you wish to migrate.
  • Finally, create an identity map to connect users on the source account to users on the target account.


Admin console > Data > Data import & export > Data migration > Go to data migration > Microsoft OneDrive





The console will provide reporting on the migration progression and metrics such as how many users have been processed, how many files have been migrated or skipped, and more. You’ll also have the option to export a migration report to further investigate errors and access troubleshooting tips directly from the tool. You can also make delta updates to migrate any new files that were added or updated after a previous migration. 

Example of a completed migration

Who’s impacted
Admins

Why you’d use it 
Data migrations play a critical role in ensuring a seamless transition between various tools and Google Workspace for both admins and end users. Workspace now offers a first party solution that allows our customers to migrate their data at scale, and without the need for third-party workarounds or on-premises infrastructure. This will significantly reduce the overall migration process and onboarding time to Google Workspace, saving customers considerable administrative and infrastructural costs. Additionally, it ensures minimal interruption for end users, who will be able to access all of their files and documents within Google Drive.
Getting started
  • Admins: This feature is available in open beta - no additional sign-up is required to use the feature. This migration can only be performed by super admins. Visit the Help Center to learn more about migrating files from a OneDrive account.
  • End users: There is no end user action required.
Rollout pace
Availability
Available to Google Workspace 
  • Business Starter, Standard, Plus
  • Enterprise Standard, Plus
  • Education Fundamentals, Standard, Plus, the Teaching and Learning Upgrade
  • Essentials Starter, Enterprise Essentials, Enterprise Essentials Plus
  • Nonprofits

Resources

Labels: , , ,

[Update - October 9, 2024]: There has been a slight change to the rollout of this feature. To help ensure optimized performance, this will now be an extended rollout (potentially longer than 15 days for feature visibility). We anticipate that rollout will be complete by early December and will provide another update confirming rollout is complete.

What’s changing 
Today, we are announcing enhancements for the Data Loss Prevention for Gmail open beta, which are designed to improve usability without compromising sensitive data protections for Gmail. Once deployed, users will receive instant notifications on risks to applicable DLP policies prior to leaving their inbox, instead of having DLP rules evaluated after the message has already left the inbox. In addition to more timely user feedback, this capability, called synchronous DLP, helps educate users about the potential risk of leaking sensitive information. 


We’re also introducing a new action for DLP rules, “Warn”, which will notify users about potentially sensitive data while providing the option to send the message based on a user’s assessment of a risk. For added safety, the DLP service will scan messages one additional time after they leave the sender's mailbox.


Who’s impacted
Admins and end users


Why it matters 
Data breaches are one of the most common and costly security issues facing organizations. Often these breaches originate from within an organization by unintentional or intentional actions by their users. Data loss prevention capabilities help prevent this exfiltration of data and helps guide users about what information to share. To help safeguard sensitive information, organizations can create and enforce policies that not only detect and block sensitive information from being shared, but educate users on what information sharing is or is not appropriate and how to be compliant with those guidelines. Specifically, data loss prevention rules can look for sensitive text stings, custom detectors, or predefined detectors in outgoing messages sent internally or externally. 


The latest update for data loss prevention rules in Gmail brings the experience in line with Google Drive and Google Chat, which are already adopted broadly by Google Workspace customers. You can refer to our Help Center for more information about data loss prevention in Gmail.


Additional details
Customizable warning messages
DLP rules can be configured to block the message, warn users about sensitive information, or quarantine the message. When sensitive information is detected, users will be shown a dialog box notifying them of the risk. Admins can now choose to customize the information shown to end users in these dialog boxes, including why their message was flagged, what they can do to unblock themselves, and links to additional resources to educate them further.

Example of a custom warning message




Continued asynchronous scanning of messages
While messages will now be scanned synchronously, messages will go through additional scanning asynchronously (after the message leaves the inbox) for an additional layer of protection. This includes messages that are sent automatically, such as auto-forward or scheduled send, and messages sent from non-Gmail clients.


Getting started
  • Admins:
    • Data loss prevention in Gmail is available in open beta for select Google Workspace customers. These rules can be configured at the domain, OU, or group level. DLP rules can be enabled in Gmail in the Admin console under Security > Access and data control > Data protection. Note that with the new synchronous scanning, your end users will begin seeing dialog boxes related to these rules before messages leave the inbox. These will be displayed when using Gmail on the web and mobile.

    • Visit the Help Center to learn more about controlling sensitive data shared in Gmail. Note that you can modify existing DLP rules for Drive and Chat to also apply to Gmail. 

    • DLP events can be reviewed in the Security Investigation Tool or Security > Alert Center, if alerts are configured in rules.

    • We recommend selecting “Audit only” when you’re setting up a new rule in order to test and monitor its performance, or to passively monitor the environment without interrupting email flow for your users. There are no changes to the “Audit only” action with this update, they will continue to operate as usual.

  • End users: Depending on the data loss prevention rules configured by your admin, you may see a dialog letting you know that:

    • Your message is blocked: Your message contains information that cannot be shared — you’ll need to remove it in order to send your message.
Dialog in case of a blocked message
    • Your message contains sensitive information: Your message contains information that is sensitive, but can be shared — you can decide whether to send it or edit the message to exclude this information. Note that your admin will be notified about this activity.


      Dialog in case of a warning

    • Your message contains sensitive information that requires review: Your message contains information that will need to be reviewed by an admin. You’ll have the option to submit it for review, and upon review it will be released for delivery or declined. You may receive a notification about the message being declined from delivery.


      Example of a quarantine message
Rollout pace
Availability
Available for Google Workspace:
  • Enterprise Standard, Enterprise Plus
  • Education Fundamentals, Standard, Plus, and the Teaching & Learning Upgrade
  • Frontline Standard
  • Cloud Identity Premium customers
Resources

Labels: , , , , ,

What’s changing
If your admin has set up shared drives for their organization, shared drive managers were previously not able to restrict access to folders in shared drives. Today, we’re introducing a beta that allows shared drive managers to restrict folders to specific users within a shared drive. This provides shared drive managers with greater flexibility to keep relevant content within a single shared drive, while restricting access to shared folders with sensitive information. 

A folder with “limited access” can only be opened by people who have been added to it directly. People with general access to the shared drive or shared folder can see the restricted folder in Drive, but will not be able to open it. 

Eligible customers can use this form to express interest in the beta and will receive an email confirmation prior to the feature being enabled in their specified domain. 

Limit access to a specific folder


Who’s impacted 
Admins and end users 


Why it’s important 
Folders with limited access allow users to organize files by project, in a single shared drive or shared folder, while ensuring that sensitive information is only accessible to the right team members. 


Additional details 
Folders with limited access are available in both shared drives and My Drive: 
  • Shared drive managers can always access folders with limited-access 
  • Folder owners can always access limited-access folders in their My Drive 

Getting started 
  • Admins: Eligible customers can express interest in the beta here. We’ll begin accepting domains into the program in the coming weeks. Once accepted into the beta, visit the Help Center to learn more about folders with limited access
  • End users: 
    • As a shared drive manager or My Drive folder owner, go to your shared drive > choose the folder you want to limit access > click the overflow menu > share > select share settings in the top right corner > click limited access to “Folder Name”. Visit the Help Center to learn more about folders with limited access
    • For users whose access has been limited, you will see the folder name, but the folder will be grayed out: 
For users whose access has been limited, you will see the folder name, but the folder will be grayed out:

Availability 
Available for Google Workspace: 
  • Business Standard, Plus 
  • Enterprise Standard, Plus 
  • Essentials Starter, Enterprise Essentials, Enterprise Essentials Plus 
  • Education Fundamentals, Standard, Plus, the Teaching & Learning Upgrade 
  • Nonprofits 
Resources 
Labels: , ,

What’s changing 
When your users sign in to third-party apps using the "Sign in with Google" option (single sign-on) or use OAuth to share their data with those apps, you can control what access those apps have to your organization’s Google data using app access controls


Admins currently can configure the third-party apps as “Trusted”, giving them access to all OAuth scopes or as “Limited”, giving them access to scopes only from Google services which are not restricted. Beginning today, we’re giving admins another layer of granular control for third-party apps. Specifically, you can now configure apps to be limited by selected OAuth 2.0 Scopes for Google APIs, such as Drive or Gmail scopes. This helps ensure that these apps do not gain additional access without admin consent based on new API scopes that they might request in the future, keeping data access limited to only what is deemed absolutely necessary by admins.




Getting started
Rollout pace

Availability
  • Available to all Google Workspace customers, as well as Cloud Identity Free and Premium customers


Resources

Labels: , , , , ,

What’s changing 
Google Drive inventory reporting is now available in open beta, providing admins with enhanced visibility into the state of their data assets. By exporting this data into BigQuery, admins can gain a holistic view of how their data is classified, who can access it, and how it’s being used. Analyzing this data at scale helps admins address the challenge of understanding the full scope of their data assets, especially as it pertains to sensitive information and compliance with data policies.



Who’s impacted
Admins


Why it’s important
Compared to using APIs, Drive inventory reporting is a more efficient alternative to piecing together a full representation of Drive items from audit events and various other surfaces. The comprehensive view of the file corpus—including classifications, sizes, and locations—allows administrators to identify security risks, such as unauthorized access or oversharing. It also aids in ensuring compliance with regulatory requirements, like those for data retention and destruction. 


Getting started

  • Admins: Eligible Admins can enable this feature in the Admin console by going to Reporting > Data Integrations and enabling Drive Inventory Export. Visit the Help Center to learn more about Drive inventory reporting. Admins interested in providing feedback to the product team during the open beta can fill out this form.
  • End users: There is no end user impact or action required.

Rollout pace
  • This feature is available now for all eligible users.

Availability
Available for Google Workspace:

  • Enterprise Standard and Plus
  • Education Standard and Plus
  • Enterprise Essentials Plus
  • Frontline Standard

Resources

Labels: , ,

2 New updates

Unless otherwise indicated, the features below are available to all Google Workspace customers, and are fully launched or in the process of rolling out. Rollouts should take no more than 15 business days to complete if launching to both Rapid and Scheduled Release at the same time. If not, each stage of rollout should take no more than 15 business days to complete.


All new appointments need to be booked through appointment schedules in Google Calendar 
Earlier this year, we announced that the appointment slots feature will be replaced by appointment schedules in Google Calendar. Starting this week, only appointment schedules can be created. In a couple of weeks, the appointment slots booking pages will no longer be available. At that time, all new appointments will need to be booked through appointment schedules. | Appointment schedules are available to Google Workspace Business Starter, Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Standard, Education Plus, the Teaching and Learning Upgrade, Nonprofits, Google Workspace Individual customers and Google One Premium users. | Visit the Help Center for detailed information about appointment schedules. 

Available in beta: migrate sensitive files to Google Drive with client-side encryption 
We are making it easier to programmatically import sensitive files to Google Drive with client-side encryption by providing code samples on Github. Eligible admins can apply for beta access to this Drive API feature using this form. | Available to Google Workspace Enterprise Plus; Education Standard and Education Plus.


Previous announcements

The announcements below were published on the Workspace Updates blog earlier this week. Please refer to the original blog posts for complete details.


Google Classroom now supports exporting grades and importing rosters and grade settings with PowerSchool SIS 
Google Classroom teachers can now export and import select information via the new integration with PowerSchool SIS. | Learn more about the integration with Classroom and PowerSchool SIS. 

Teachers will soon be able to create a new class in Google Classroom using Student Information System (SIS) data 
In the coming weeks, we will be introducing a new feature that allows teachers to set up a Google Classroom class using information directly imported from an SIS, including co-teachers, student rosters and class lists, grading categories and grading periods. Please note this feature is only available with our current SIS partners. | Learn more about creating new classes in Classroom using SIS data. 

Google Workspace extensions for Gmail, Google Drive and Google Docs are now available in open beta for Gemini (gemini.google.com) 
We’re pleased to announce Google Workspace extensions for Gmail, Google Drive and Google Docs are available for Gemini (gemini.google.com). When enabled, Gemini will be able to cross reference these apps as data sources to better inform its responses. | Learn more about the beta for Gemini (gemini.google.com). 

Import and export Markdown in Google Docs 
We’re introducing highly-requested features that enhance Docs' interoperability with other Markdown supporting tools. | Learn more about markdown in Docs

Clearer re-enrollment for Google Meet hardware devices 
We're updating the way Google Meet hardware devices are re-enrolled to provide a more intuitive experience for administrators. | Learn more about re-enrollment for Meet hardware devices. 

Available in beta: Policy Visualization across Google Docs, Sheets, Slides and Drive 
Users who are interacting with policy-protected content, such as those with data loss prevention (DLP) rules or trust rules, will now be proactively informed about what actions are prevented by those policies. | Learn more about policy visualization.

Enable guardians to preview assigned classwork within Google Classroom
Guardian email summaries will now include links that let guardians preview their student's Classwork pages, including assigned work and attachments provided by the teacher. | Learn more about guardians and Classroom.

Completed rollouts

For a recap of announcements in the past six months, check out What’s new in Google Workspace (recent releases).  

Labels: , , , ,


What’s changing 
Currently, when there are security policies applied to documents, spreadsheets, presentations or files, users are given no central explanation of which actions, like downloading, making a copy, or external sharing are restricted. 

To improve upon this experience, users who are interacting with policy-protected content, such as those with data loss prevention (DLP) rules or trust rules, will now be proactively informed about what actions are prevented by those policies. 

For example, if a user is interacting with a document affected by DLP-enforced information rights management (IRM) and a Trust Rule, they will see a shield icon and side panel that informs them of the restricted actions.
Policy Visualization across Google Docs, Sheets, Slides and Drive
Who’s impacted 
End users 


Why it matters 
With this update, users will be made aware of which actions they are taking that are disabled on a document, spreadsheet, slide or file due to data protection controls.

Getting started 
  • Admins: There is no admin control for this feature. 
  • End users: 
    • Any user will be able to see policy visualization if it's active on a document, but the owner of the document is used to determine if it's turned ON. 
    • A shield icon and side panel will automatically appear when security controls are present. 
    • Visit the Help Center to learn more about the policies that enable Policy Visualization: 

Rollout pace 

Availability
Policy visualization is enabled when the document, spreadsheet, slides or file owner belongs to the following Google Workspace editions: 
  • Business Starter, Standard, Plus 
  • Enterprise Starter, Standard, Plus 
  • Essentials Starter, Enterprise Essentials, Essentials Enterprise Plus 
  • Frontline Starter, Standard 
  • Education Fundamentals, Standard, Plus, the Teaching & Learning Upgrade 
  • Workspace Individual Subscribers 
Resources 


Labels: , , , , ,

[Update] September 30, 2024: As of today, Workspace admins may now disable one or more Workspace services without disabling the remaining, available Workspace extensions in Gemini.


What’s changing 
We’re pleased to announce Google Workspace extensions for Gmail, Google Drive and Google Docs are available for Gemini (gemini.google.com). When enabled, Gemini will be able to cross reference these apps as data sources to better inform its responses.

View of Google Workspace extensions from the Gemini Extensions page




This feature is available in open beta for Google Workspace customers with the Gemini Business, Enterprise, Education, and Education Premium add-ons — no additional sign-up is required.


Who’s impacted

Admins and end users


Why you’d use it

Google Workspace extensions enhance Gemini's capabilities by allowing it to access information from your Gmail, Docs, and Drive. This enables Gemini to locate, reference and incorporate this additional data, leading to even more informed and relevant responses. This deeper integration helps bring Gemini’s capabilities more seamlessly into your daily workflows, helping enhance productivity. For example, referencing a Doc that outlines your target audiences while performing customer research in Gemini (gemini.google.com).


Additional details
  • During the open beta period, Context-Aware Access (CAA) for Gmail, Drive and Docs isn’t supported with Google Workspace extensions. Context-Aware Access gives you control over which apps a user can access based on their context, such as whether their device complies with your IT policy. Learn more about Context-Aware Access.
  • Google Workspace extensions honors access control settings for files within Drive, meaning users can only access files that they own or have been shared with them (excluding files shared via Shared Drive).
  • Google Workspace extensions is not available to Google Workspace users accessing Gemini as an additional Google service.
  • Note that Google Workspace personal content that Gemini Apps get from extensions is not reviewed by anyone to improve AI models, not used to train AI models, and not shared with other users or institutions. Visit the Help Center for more information.
Getting started
  • Admins: 
    • This feature will be OFF by default and can be enabled at the OU or Group level. 



Rollout pace

Availability
Available for Google Workspace customers with the:
  • Gemini Business, Enterprise, Education, or Education Premium add-on

Resources


Labels: , , , ,

What’s changing
We’re pleased to introduce an improved email notification experience for those who are using third-party calendar services—like Outlook—to collaborate with Google Calendar users. Specifically, this update improves the accuracy of Google Calendar event syncing across calendar services, while helping cut down on the amount of email noise caused by calendar sync notifications. 

  • Email notifications that are purely intended to sync information will now be marked as such in the body of the email and sent from a distinct, identifiable email address. The body of the email includes instructions for end users on how to implement inbox filters to avoid this type of email cluttering their inbox. 
  • At scale, Outlook system administrators can use Microsoft’s Powershell to implement an email filter rule for these messages for all users. 
Google Workspace customers can use this form to sign-up for the beta.
Improved syncing experience between Google Calendar and third-party calendars



Who’s impacted 
Admins and end users 


Why it matters
We’ve heard from our customers that the syncing experience from Google Calendar to third-party calendars was not consistently reliable. Additionally, users lacked an effective way to filter out Calendar emails which cluttered their inbox. This update will help improve the overall experience for users collaborating with Google Calendar users. 


Getting started 

Rollout pace 
  • Beta sign-ups are available now using this form until July 10, 2024. We will be accepting beta applications and allowlisting customers over the next several weeks. 

Availability 
  • Sign-up for this beta is available for all Google Workspace customers 

Resources 
Labels: , , ,

This announcement was part of Google Cloud Next ‘24. Visit the Workspace Blog to learn more about the next wave of innovations in Workspace, including enhancements to Gemini for Google Workspace.

What’s changing

AppSheet helps users automate manual workflows by integrating with data sources like Google Drive and Sheets, and today we’re excited to announce its integration with another data collection tool in Workspace: Google Forms.


Many companies rely on the data collected via form submissions when they are performing tasks for ticketing or incident reporting. However, prior to today you could only view information from form submissions via email, spreadsheet, or in the Forms app itself.


With this update, Google Forms submissions can act as event triggers within AppSheet Automations. These automations can then take many different actions, such as sending notifications or approval requests to Gmail or Google Chat, or even calling a custom Apps Script function. 
Build AppSheet automations using Google Forms is now available in beta


Who’s impacted 
Admins, end users and developers 


Why you’d use it 
This integration enables users to receive actionable notifications based on responses to Google Forms.


Getting started 
  • Admins: 
    • AppSheet admins can use AppSheet’s Policy Engine to control access to this feature by App Creators in their organization. Visit the Help Center to learn more about policy enforcement in AppSheet policies and specific guidance on preventing app creators from using Google Forms
    • This feature is available as an open beta, which means AppSheet app creators can use it without enrolling in a specific beta program. 
  • Developers and end users: Visit the Help Center to learn more about building automations using Google Forms. 

Rollout pace 

Availability 
Available for Google Workspace: 
  • Business Starter, Standard, Plus 
  • Enterprise Standard, Plus 
  • Enterprise Essentials Plus 
  • Education Fundamentals, Standard, Plus and the Teaching & Learning Upgrade 
  • Frontline Starter, Standard 
  • AppSheet Starter, Core, Enterprise Standard, Enterprise Plus 
Resources 
Labels: , , , ,

What’s changing 
Launching first to beta, we’re introducing data loss prevention rules for Gmail. Data protection rules help admins and security experts build a stronger framework around sensitive data to prevent personal or proprietary information from ending up in the wrong hands. This functionality is already available in Google Chat and Google Drive, and in Gmail you’ll be able to create, implement, and investigate rules in the same manner. 


Admins can create data protection rules to flag sensitive information from leaving your organization. These rules are applied to outgoing messages sent internally or externally and admins can choose whether all content (including attached files and images), the body of the email, email headers, or subject lines should be scanned. You can configure your rules to look for sensitive text strings, custom detectors, or select predefined detectors. If a message violates a rule, admins can choose to:

  • Block message — the sender will receive a notification about message delivery failure and more information about the policy they violated.
  • Quarantine message — the message will require review and approval by an admin before delivery. If the message is rejected by an admin, the user may receive a notification about it.
  • Audit only — the message is delivered, but it is captured in rule log events for further analysis. This is particularly advantageous because it allows admins to assess the impact of rules before introducing them to your end users.

Data loss prevention for Gmail are available for select Google Workspace customers (see the “Availability” section below) — no additional sign-up is required to use the feature. 

Create data protection policies for Gmail alongside Drive and Chat

Build flexible conditions with selection of predefined and custom detectors of sensitive information

Set up a rule with Audit Only action applied to messages sent outside of organization. The severity level for event logging is set up to ‘Medium’ and alerting via Alert Center is turned on 

Detailed information about the event in the Alert Center

Overview of DLP incidents in the Security Dashboard with further option to investigate audit logs in detail

Who’s impacted
Admins and end users



Why it’s important

In addition to detecting sensitive content, DLP in Gmail offers additional benefits such as:

  • Simplified deployment and data protection policies management with rules for Gmail, Drive and Google Chat unified into the same area and workflow.
  • Advanced detection policies with flexible conditions, wide selection of predefined detectors for global and regional information types, custom detectors (Regular Expressions and word lists), targeting on specific parts of a message (header, subject, body). 
  • Granular configuration of policies scope, defining sender audiences (at domain, OU, and group levels) and recipient audiences (internal, external, both).
  • Actions with various levels of restriction such as block delivery of message (Block), quarantine message for review (Quarantine), and log event for future audit (Audit only).
  • Tools for incident management and investigation such as the Alert Center, Security Dashboard and Security Investigation Tool.


Additional details
How does DLP in Gmail compare to Content Compliance rules?
Content compliance in Gmail does offer similar functionality in that you can create rules to prevent messages that contain specific content from being sent. However, unlike DLP in Gmail, admins have no way to preview the impact of these rules before deploying them broadly.


Further, content compliance offers a variety of features that are better suited for filtering content. For example, you can:
  • Set up a metadata match on a range of IP addresses, and quarantine messages from IP addresses outside of the range.
  • Route messages with content that matches specific text strings or patterns to a specific department, suited the best to process information.

Getting started
  • Admins: 
    • Data loss prevention rules can be configured at the domain, OU, or group level. DLP rules can be enabled in Gmail in the Admin console under Security > Access and data control > Data protection. Visit the Help Center to learn more about controlling sensitive data shared in Gmail.
      • Note that you can modify existing DLP rules for Drive and Chat to also apply to Gmail. 
    • DLP events can be reviewed in the Security Investigation Tool or Security > Alert Center, if alerts are configured in rules.


    • We recommend selecting “Audit only” when you’re setting up a rule. When selected, messages that match the conditions of a rule will be delivered with the detection being logged. This allows you to rest new rules and monitor their performance, or to passively monitor the  environment without interrupting email flow for your users.

    • Note on asynchronous and synchronous scanning: With DLP for Gmail, data protection rules are scanned asynchronously, which means that the message is blocked or quarantined after it leaves the sender’s mailbox and before being dispatched to the recipient. We’re working on the ability to scan data protection rules synchronously when a user hits “Send” in order to notify users about sensitive content before the message leaves their mailbox. 


    • Please share your feedback on this feature with us — this will help us continue to improve the experience as we move through beta and toward general availability. You can share your feedback by selecting the “Send feedback” button located in the bottom left corner of your screen of any data protection related page in the Admin console.


  • End users: When configured by your admins, you’ll be notified if your message contains information that violates a DLP rule

Rollout pace
Availability
Available to Google Workspace:
  • Enterprise Standard, Enterprise Plus
  • Education Fundamentals, Standard, Plus, and the Teaching & Learning Upgrade
  • Frontline Standard
  • Cloud Identity Premium customers

Labels: , , , ,

[Update - June 24, 2024]: This beta is now closed and will no longer be accepting new applicants.What’s changing 
Launching in beta, we’re introducing an integration between Google Voice and Salesforce that makes it easier to track details of calls made in Voice. When enabled: 

  • Salesforce contacts will be displayed in Google Voice. 
  • Google Voice calls will now be logged to any matching Salesforce contact.

Salesforce contacts are denoted with the Salesforce logo. 




Who’s impacted

Admins and end users


Why you’d use it

This integration helps improve visibility across the various stakeholders that rely on Salesforce as a key tool in their workflow. When enabled, Google Voice calls will be automatically logged in Salesforce, ensuring that there is a record of that interaction for all to see. Additionally, you can jump from Google Voice to the Salesforce call log to add notes and more context. This helps eliminate the need for users to switch between multiple applications and manual record keeping, and make it easier for other team members to see the latest activity in Salesforce.

Getting started

  • Admins: 
    • This feature will be OFF by default and can be enabled at the Organizational Unit (OU) level. Visit the Help Center to learn more about integrating CRM with Salesforce.

To turn on the Google Voice and Salesforce integration, navigate to Apps > Google Workspace > Google Voice > Policies > Salesforce integration


You’ll then be directed to the Google Voice and Salesforce connection page to complete the set-up.


  • End users: You’ll see banners in Google Voice on web and mobile when this integration is enabled by your admin. 
Banners inside the Voice app will indicate when Salesforce has been integrated.






After you make a Voice Call to a Salesforce contact from either our web or mobile app, you will be notified that the call is logged to Salesforce in the call log.

You’ll see when a call has been logged to Salesforce — you can click on this notification to open Salesforce.

Logged calls within the Salesforce UI.


To make the most out of the integration, we recommend that you install the Google Voice Chrome Extension.

Rollout pace
  • This beta is now closed and is no longer accepting new applicants.

Availability
  • Available to Google Workspace customers with Voice Standard or Premier and Salesforce Enterprise, Unlimited, or Lightning versions

Resources





Labels: ,