Next Generation API Data Protection for Google Drive
Next Generation API Data Protection for Google Drive
Using API Data Protection involves configuring the API connection for your Google Drive app.
To use the Next Generation API Data Protection for Google Drive, you need to log in to your Google admin console, enter the Client ID and OAuth scopes, and authorize it. The following sections explain how to client ID and OAuth scopes and how to configure the connection.
Why you should move to Next Generation API Data Protection?
-
Dramatically simplified policy definition and management: Multi-app/all app policies and multiple DLP profiles in a single policy.
-
Ability to define threat protection policies.
-
Unified inventory page, for threat hunting and forensic analysis.
-
Ultra-low time to detect and remediate to non-compliant activities.
-
Support for Google Drive badged labels as a policy condition.
Capability Differences Between Classic & Next Generation API Data Protection
Here is a list of feature parity for Google Drive between classic and Next Generation API Data Protection.
Feature | Sub-category | Classic | Next Generation |
---|---|---|---|
Instance Selection | - | Yes | Yes (multiple) |
User Selection | Target all Teams Drive with Exception | Yes | Yes (manual process using Scan Options) |
Subset of Team Drives | Yes | Yes (manual process using Scan Options) | |
User Profiles | Yes | Yes | |
AD User Groups | Yes | Yes | |
Exclude Users | Yes | Yes | |
Exclude User Profiles | Yes | Yes | |
File Sharing | All Sharing Options | Yes | Yes |
Specific Sharing Options | Yes | Yes | |
Private Sharing Options (Specific Sharing Options) | Yes | Yes | |
Public Sharing Options (Specific Sharing Options) | Yes | Yes In Next Gen, public sharing is called Anonymous. |
|
Share Content Internally (Specific Sharing Options) | Yes | Yes | |
Sharing Content to More than X Internal Collaborator (Specific Sharing Options) | Yes | Yes | |
Sharing Content Externally (Specific Sharing Options) | Yes | Yes | |
Sharing with All External Domains (Specific Sharing Options) | Yes | Yes | |
Sharing with Specific External Domains (Specific Sharing Options) | Yes | Yes | |
Sharing Content to More than X External Collaborator (Specific Sharing Options) | Yes | No | |
Sharing Across Enterprise Organization (Specific Sharing Options) | Yes | Yes | |
Sharing Enterprise shared with Everyone (Specific Sharing Options) | Yes | Yes | |
Sharing Enterprise shared with Everyone Except External Users (Specific Sharing Options) | Yes | Yes | |
Sharing Content with a Selected set of User Groups (Specific Sharing Options) | Yes | Yes | |
File Type to Scan | All File Type | Yes | Yes (Netskope cannot scan Google Doc or Sheet greater than 10 MB. This is a limitation enforced by Google.) |
Specific File Type | Yes | Yes, file type list is similar to DLP file type list. | |
DLP | DLP Profiles | Yes | Yes (multiple) |
DLP Incidents | Yes | Yes | |
DLP Quarantine | Yes | Yes | |
Manual Remediation Action (Restrict Access) from Incidents | Yes | Yes | |
Quarantine | Quarantine Restore | Yes | Yes |
Threat Protection | Threat Protection Feature in Instance Configuration | Yes | Yes |
Severity Based Action - Quarantine | Yes | Yes | |
Severity Based Action - Remediation | Yes | Yes | |
Forensics | Google Drive as Forensic Store | Yes | Yes (see Next Gen Forensics) |
Inventory | Inventory Dashboard | Yes | Yes (with unified Inventory page) |
Inventory Details Panel (File Details, Sharing, Links, Recent Activities) | Yes | Yes | |
Manual Actions for Remediation (Restrict Access) | Yes | Yes | |
Action | Alert | Yes | Yes |
Delete | Yes | Yes | |
Legal Hold | Yes | Yes | |
Encrypt | Yes | No | |
IRM Protect | Yes | No | |
Quarantine | Yes | Yes | |
Disable Print & Download | Yes | Yes | |
Change Ownership | Yes (to admin) | Yes (to any specific email) | |
Restrict Access | Yes | Yes | |
Restrict Access Owner Selected | Yes | Yes | |
Restrict access - remove public links | Yes | Yes | |
Restrict Access Internal User Selected | Yes | Yes | |
Restrict Access to Remove Public Links | Yes | Yes | |
Restrict Access to Remove Individual Users | Yes | Yes | |
Restrict Access to Remove Organization Wide Links | Yes | Yes | |
REST API Support | Yes | No | |
Notifications | Email Notifications | Yes | Yes |
Detection & Remediation | MTTD & MTTR (Mean time to detect/resolve) | Fast | Ultra-fast |
Google Badged Label Support | - | No | Yes |