Next Generation API Data Protection for Google Calendar
Next Generation API Data Protection for Google Calendar
Using API Data Protection involves configuring the API connection for your Google Calendar app.
To use the Next Generation API Data Protection for Google Calendar, you need to log in to your Google admin console, enter the Client ID and OAuth scopes, and authorize it. The following sections explain how to client ID and OAuth scopes and how to configure the connection.
-
For a detailed list of feature support, see Next Generation API Data Protection Feature Matrix per Cloud App.
-
For a detailed list of activities monitored, see Activities Monitored by Netskope.
Key Considerations for Next Generation API Data Protection for Google Calendar
Attachment sharing and exposure tracking
-
Changes to attachment sharing settings on Google Drive are not tracked after the initial scan.
-
Attachment exposure is only recalculated when a notification is received for a parent event change.
-
If the event remains unchanged but the attachment’s exposure changes, Netskope does not receive a notification from the Google calendar API and cannot act on it.
Group expansion
-
Google groups are not expanded when calculating attachment exposure.
Calendar permission updates
-
Netskope does not retroactively scan events or attachments when permissions for the parent calendar are updated.
Limitations on scanning attachments
-
Newly added attachments are not automatically detected. Instead, Netskope fetches and scans all attachments present in an event during ongoing scans, which may result in duplicate scans.
-
In some cases, Netskope may not be able to fetch access details for an attached file. This depends on the permissions the meeting organizer has—the organizer must be an editor on the file for access details to be retrieved.
Retrospective scanning of calendar events
-
Netskope can only retrieve events created or modified within the last 30 days.
Ownership Assumptions
-
The calendar owner is assumed to be the owner of an attachment to minimize API calls.
Duplicate incidents for attachments
-
Whenever a parent event is modified, an incident is generated for attachment violations as well, which may result in duplicate incidents for attachments.
