What’s changing
We recently launched data loss prevention for Gmail and, beginning today, Admins can see “Sensitive content snippets” for Gmail messages that trigger data loss prevention rules. This content is logged in the security investigation tool and admins can use the information to better identify security risks, determine whether a false positive was returned, and decide on an appropriate course of action.
Snippets are already available for DLP events for Drive, Chat, and Chrome. Visit our Help Center and our previous announcement for more information.
.png)
Matched content and information about the data detector type is displayed in the side panel under ‘Log Details’ in the Security Investigation Tool
Getting started
- Admins:
- Make sure any admins who need to review the snippets have the "view sensitive content" privilege. Only super admins have the ability to hide or unhide sensitive data from the log details.
- Visit the Help Center to learn more about preventing data leaks in email and attachments, viewing content snippets that trigger DLP rules, using Workspace DLP to prevent data loss, and the security investigation tool.
- DLP Snippets can be configured in the Admin console by going to Security > Data Protection > Data Protection Settings > Sensitive Content Storage. To view snippets in the security investigation tool, select any row from the “Description column” and scroll down to “Sensitive Content Snippets”. Here you’ll see the matched detector ID, the matched content starting character, and the matched content length.
Rollout pace
Rapid Release and Scheduled Release domains: Full rollout (1–3 days for feature visibility) starting on March 18, 2025
Availability
Available to Google Workspace
- Frontline Standard
- Enterprise Standard and Plus
- Education Fundamentals, Standard, Plus, and the Teaching and Learning add-on
- Enterprise Essentials Plus
- Also available for Chrome Enterprise Premium