Netskope for Google Workspace

Top use cases for securing
Google Workspace

Control access to Google Workspace applications and more

Using a powerful combination of API-enabled and inline security controls, detect sensitive content in Google Workspace or en route to or from any third-party cloud application or website. Manage access to Google Workspace regardless of where your users are located, what device they are using or how they do so (e.g. web browser, mobile app, sync client). Apply the appropriate access control policies based on your specific needs.

Detect and protect sensitive data

Identify and control access to sensitive data and content across Google Workspace applications. Establish policies to restrict data access and movement within and between Google Workspace applications like Drive and Gmail. Extend this control to third-party cloud storage applications like Box and Dropbox to ensure data is not lost between applications.

Stop insider threats like data exfiltration

Prevent the download of sensitive data from Google Workspace via business instances and then the upload via personal instances, which is one of today’s top data loss methods. For example, allow corporate Gmail accounts to access and download sensitive content but restrict the upload of this data via a personal, unmanaged Gmail account. Additionally, apply this control to unmanaged devices: allow unmanaged or personal device access to a specific cloud app for collaboration, however, do not allow downloading of sensitive data.

Detect and stop elusive threats and malware

As cloud-enabled threats are the norm with 63% of malware delivered from the cloud*, it’s essential to deploy cloud smart threat defenses. Additionally, with SaaS/webmail applications being the #1 phishing target*, it’s more imperative to boost your threat defenses for Google Workspace than ever before.

^{*Sources: APWG.org Phishing Trend reports; Netskope Threat Research Labs 2020}

Maintain compliance in Google Workspace

Ensure your organization can adhere to strict regulations by enforcing security policies within Google Workspace that prevent actions that can push your organization out of compliance.

Google friendly and fast

Encounter no performance trade-offs when protecting critical Google Workspace data and traffic due to direct peering with Google in all data centers worldwide via Netskope NewEdge.

^{*Sources: APWG.org Phishing Trend reports; Netskope Threat Research Labs 2020}

Ensure your organization can adhere to strict regulations by enforcing security policies within Google Workspace that prevent actions that can push your organization out of compliance.

Encounter no performance trade-offs when protecting critical Google Workspace data and traffic due to direct peering with Google in all data centers worldwide via Netskope NewEdge.

How Netskope protects
Google Workspace environments

Deep visibility and control in real time

Provide inline visibility for thousands of apps (managed and unmanaged) in use, including users, file names, activity, and to whom. Take advantage of the Netskope all-mode architecture, which gives you a comprehensive set of deployment options and enables you to have full visibility and control over your Google Workspace environment and more.

Whether your users are on-premises or remote, using a web browser, mobile app, or sync client, the Netskope all-mode architecture offers you a full array of deployment options to gain visibility and control of your Google Workspace applications.

API-enabled controls protect data at rest and detects threats in Google Drive, and even GCP storage buckets
Real-time inline defenses monitor and control data movement and threat propagation between Google Workspace apps as well as third party, ecosystem applications (e.g. between Gmail and Drive; Drive and Box)

Advanced data protection in Google Workspace

Netskope comprehensive data loss prevention (DLP) capabilities identify and protect your sensitive data within and between Google Workspaceapplications. Display real-time notifications and coaching to users conducting risky activities or moving sensitive data, to improve user behavior. Whether using managed or unmanaged, personal devices, Netskope can protect your users and their data while safely using Google Workspace.

Netskope DLP identifies and protects sensitive data and content in Google Workspace applications as well as its ecosystem of third party applications.

Protects your data at rest and data in motion within Google Workspace
Detects and controls sensitive data in Google Workspace and en route to and from other cloud services whether via chats, file sharing, web forums, screen captures, email and more
Uses 3000+ language-independent data identifiers to inspect 1400+ file types
Offers 40+ predefined regulatory and best practices compliance templates
Includes metadata extraction, exact match, fingerprinting and Optical Character Recognition (OCR) for high accuracy
Uses machine learning based document and image classification for high efficiency

Advanced threat protection (ATP) for Google Workspace

Utilize multi-layered, advanced threat protection to stop modern threats like cloud phishing, malware and compromised credentials within Google Workspace and between other cloud applications. Apply User and Entity Behavior Analytics (UEBA) to detect and stop anomalies like bulk downloads or deletions via machine-learning enhanced defenses.

Provides automated policies and workflows for real-time response to stop or reverse the effects of cloud threats
Conducts real-time, full file inspection to detect and block malware
Provides rich metadata for SOC investigations and threat hunting
Cloud and bare-metal sandboxing for 30+ file types including executables, scripts, and more
Utilizes machine learning anomaly detection to expedite and simplify threat response
Uses 40+ threat intelligence feeds, plus importing IOCs, including file hashes and malicious URLs
Cloud Threat Exchange (CTE) enables threat intel sharing with EPP, EDR, SIEM, etc.

Encryption to ensure data privacy

Protect sensitive data and maintain data privacy by encrypting content to ensure that you always have full control. Files are encrypted in real-time without impacting user productivity.

Netskope enables you to protect your sensitive content as it leaves your organization’s perimeter and moves into Google Drive, allowing you to retain full control of it. Netskope provides strong encryption capabilities to enhance the security and confidentiality of content in Google Workspace and other cloud applications. Files can be selectively encrypted in flight or encrypted as they are stored in Google Drive.

Uses AES-256 with a per-file key controlled by fault-tolerant, FIPS 140-2 Level 3 certified HSMs
Optionally, can integrate Netskope Encryption with your on-premises, KMIP-compliant key management system to ensure that you retain control of the keys and their lifecycle

API-enabled controls protect data at rest and detects threats in Google Drive, and even GCP storage buckets
Real-time inline defenses monitor and control data movement and threat propagation between Google Workspace apps as well as third party, ecosystem applications (e.g. between Gmail and Drive; Drive and Box)

Netskope DLP identifies and protects sensitive data and content in Google Workspace applications as well as its ecosystem of third party applications.

Protects your data at rest and data in motion within Google Workspace
Detects and controls sensitive data in Google Workspace and en route to and from other cloud services whether via chats, file sharing, web forums, screen captures, email and more
Uses 3000+ language-independent data identifiers to inspect 1400+ file types
Offers 40+ predefined regulatory and best practices compliance templates
Includes metadata extraction, exact match, fingerprinting and Optical Character Recognition (OCR) for high accuracy
Uses machine learning based document and image classification for high efficiency

Provides automated policies and workflows for real-time response to stop or reverse the effects of cloud threats
Conducts real-time, full file inspection to detect and block malware
Provides rich metadata for SOC investigations and threat hunting
Cloud and bare-metal sandboxing for 30+ file types including executables, scripts, and more
Utilizes machine learning anomaly detection to expedite and simplify threat response
Uses 40+ threat intelligence feeds, plus importing IOCs, including file hashes and malicious URLs
Cloud Threat Exchange (CTE) enables threat intel sharing with EPP, EDR, SIEM, etc.

Protect sensitive data and maintain data privacy by encrypting content to ensure that you always have full control. Files are encrypted in real-time without impacting user productivity.

Uses AES-256 with a per-file key controlled by fault-tolerant, FIPS 140-2 Level 3 certified HSMs
Optionally, can integrate Netskope Encryption with your on-premises, KMIP-compliant key management system to ensure that you retain control of the keys and their lifecycle

Netskope for Google Workspace

Secure your data and ensure compliance in Google Workspace

Solve your SASE and zero trust
transformation challenges with one platform

Top use cases for securing
Google Workspace