Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here

Skyhigh Security

About Skyhigh CASB for Google Drive

Skyhigh CASB for Google Drive provides a way for organizations to use existing enterprise data loss prevention (DLP) policies and extend them to G Suite, reinforcing compliance and security requirements by providing another layer of control for data stored in Google Drive. 

Skyhigh CASB continuously monitors an organization’s Google Drive accounts for file activity and processes those documents using the Skyhigh CASB DLP policy engine, an on-premises Enterprise DLP policy, or a combination of both. This is triggered by file activity and generally occurs within 10–15 seconds depending on bandwidth constraints, network latency, and file size.

 API-based Activity Monitoring and Threat Protection for Google Drive is based on logging event name activities (found in https://developers.google.com/admin-sdk/reports/v1/reference/activity-ref-appendix-a/drive-event-names).

How it Works

Skyhigh CASB monitors Google Drive for content changes. As employees add/modify new files in Google Drive, Skyhigh CASB scans the files against DLP policies.

If a document contains information that violates a DLP policy, Skyhigh CASB quarantines or tombstones that documents (depending on the DLP policy). Quarantined files can be released or deleted directly from the dashboard. 

If Skyhigh Cloud Connector has been installed, a list of Google Drive files that need more examination by the on-premises DLP solution is sent to the on-premises Cloud Connector. Cloud Connector downloads the documents directly from Google Drive, and forwards them to an Enterprise DLP policy engine using an ICAP protocol.

Admin-Level Activity Monitoring

In addition to activities users perform, G Suite Admin activities are also monitored and added to Threat Protection. The following Admin activities are included:

Activity Name Activity Category Threat Categories
login_success Login Success Compromised Accounts
login_failure Login Failure Compromised Accounts
login_challenge Service Usage Compromised Accounts
logout Service Usage Compromised Accounts
All Admin Activities Administration Privileged Access

 

Disclosure: The Skyhigh App for Google Drive’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements. The Skyhigh app for Google Drive will never share any data with third-party AI tools.
See our Privacy Policy.

Learn more about these activities in Google documentation: 

  • Was this article helpful?