Skip to main content
McAfee Enterprise MVISION Cloud

About Passive Email DLP for Gmail

MVISION Cloud's email passive mode Data Loss Prevention (DLP) solution is designed to scan email as it is sent by a user. When a Gmail user sends an email, G Suite uses the third-party email archiving feature to send a copy of the email to MVISION Cloud for analysis. A copy of the email is sent in parallel to the original email. This means that MVISION Cloud receives a copy of the email with no impact of the delivery to the original recipient. This workflow provides notification, but no active remediation.

The workflow uses the following steps:

  1. An email is sent or received by the user.
  2. G Suite delivers the email to the original recipient (MVISION Cloud can't block emails from being sent or received)
  3. G Suite is configured to send copies of emails to MVISION Cloud over secure SMTP (this is configured in G Suite admin under Gmail advanced properties)
  4. MVISION Cloud receives a copy of the email using an SMTP listener (Sky Gateway Email Mode). The listener is set up by MVISION Cloud.
  5. MVISION Cloud scans the email using a DLP engine.
  6. As required, MVISION Cloud sends a notification email to the user regarding policy violation.

Prerequisites for G Suite Email DLP 

Message Processing 

Upon receiving the message from the Gmail, MVISION Cloud temporarily stores the email in S3, which acts as a queue. Each message is encrypted with a customer-specific encryption key. The instant the message has been processed it is removed permanently from S3. We don't retain customer emails post-processing.

  • Was this article helpful?