Qué está cambiando
In addition to Google Drive, we’re expanding data classification labels to now include Gmail. Classification labels are used to classify and audit content according to organizational guidelines (“Sensitive”, “Confidential”, etc.) and apply policies, such as normas de prevención de pérdida de datos (DLP), to protect sensitive information in email messages. Classification labels will be available when using Gmail on the web – support for Gmail on mobile devices will be introduced in the coming months.
A quién afecta
Administradores y usuarios finales
Por qué es importante
Data breaches are increasingly common and costly across all sectors, including enterprises, public sectors, and government institutions. To minimize data exfiltration and better understand the data being shared, organizations need to differentiate between various types of information and their sensitivity levels to apply data protection policies accordingly. By expanding data classification labels to Gmail, Google Workspace provides admins with a more flexible and robust system integrated with data protection capabilities to help organizations effectively categorize and protect sensitive information.
Specifically, admins can create:
- New classification labels or extend existing ones enabled in Drive labels for Gmail from the Administrador de etiquetas. Labels can be used to denote department names, document types, document status, and other custom categories.
- Data protection rules with classification label as a condition, to apply actions to a message based on its classification. For example, a message will be blocked if it’s classified as ‘Internal’ and is being sent to an external recipient.
- Data protection rules to automatically apply classification labels to a message, based on its content. For example, a ‘Confidential’ label can be applied to a message if it contains sensitive financial information, such as credit card or bank account numbers.
- DLP rules with Confidential Mode as a condition to prevent sending messages with sensitive information, if it is not encrypted (Confidential Mode is not enabled)
- Usuarios finales can view and apply Classification Labels when using Gmail on the web.
Más información
- When Data loss prevention (DLP) rules for Gmail using classification labels either as a condition or as an action, messages are scanned asynchronously. This means that the message is classified, blocked or quarantined after it leaves the sender’s mailbox) and before being dispatched to the recipient. In a future release, we plan to provide synchronous support with instant notifications consistent with our synchronous support of instant DLP enforcement for Gmail.
Note that:
- If the message is blocked as a result of the classification label applied to it, the sender will get a bounce back message.
- If the message is automatically labeled by a DLP rule, the sender will not see the label reflected in the sent message. The recipient will see the automatically applied label the same way as any other classification label applied manually by the sender.
- Only Badged options list and Multiple Options list (Single select) field types are supported in Gmail. If classification labels are enabled for usage in both Gmail and Drive, and it contains fields that are not supported in Gmail, such as date or persona, Gmail users will see the label only with fields of the supported types.
Para empezar
- Admins:
- Gmail classification labels can be enabled at the domain, group level, or individual user level. You also have the option to enable existing classification labels used in Drive for use in Gmail. The Label Manager tool can be accessed by going to Security > Access and data control o admin.google.com/ac/dc/labels in the Admin console.
- Visite el Centro de ayuda para obtener más información sobre getting started with classification labels, Gmail DLP & automatic classification labelsy preventing data leaks in email and attachments.
- Note: Labels can be viewed by any admin in your organization with the Manage Labels privilege. They can also be visible to everyone in your organization based on the label’s permissions settings.
- Usuarios finales: If configured by your admin, you’ll see the “Classification” option when composing a new messaging or replying to an existing message — when you open the menu, you can select labels relevant to your message. We’ll share the end user Help Center article on Monday, November 3, 2024.
Ritmo de implantación
- Ámbitos de liberación rápida y liberación programada: Gradual rollout (up to 15 days for feature visibility) starting on November 1, 2024
Disponibilidad
- The Label Manager and manual classification is available to Google Workspace:
- Frontline Starter and Standard
- Business Standard and Plus
- Enterprise Standard and Plus
- Education Standard and Education Plus
- Essentials, Enterprise Essentials, and Enterprise Essentials Plus
- Data loss prevention rules with labels as a condition or labels as an action are available to:
- Enterprise Standard and Plus
- Fundamentos de la Educación, Estándar, Plus y la Actualización de Enseñanza y Aprendizaje
- Frontline Standard
- Cloud Identity Premium (in combination with a Workspace Edition eligible for Gmail)