Enable Cloud Malware Protection for Google Drive
Table of Contents
Prerequisites
- Full Admin user role. For more information, see Manage Accounts.
- The person performing the authentication must be a Google Super Admin and have an active Google user license.
- Chrome or Firefox is recommended with pop-up blockers/ad blockers disabled (only for the duration of authorization).
- Secure Access DLP Connector (also known as the SaaS API Connector) must be installed in the tenant by a Google Admin User. We recommend using a service account for the installation.
Limitation
- A tenant that fails to authenticate cannot be deleted.
Authorize a Tenant
- Navigate to Admin > Authentication.
![](https://files.readme.io/48a2a91-authentication.png)
- Under Platforms, click to expand Google.
![](https://files.readme.io/34ea8cc-Step2.jpg)
- Under Cloud Malware click Authorize New Tenant to add a Google tenant to your Umbrella environment.
![](https://files.readme.io/08c6afa-Step3.jpg)
- In the Google Authorization dialog box, check the checkbox to verify you meet the prerequisite, then click Next.
Note: The link to the SaaS API Connector brings you to the Secure Access DLP Connector site in the Google Workspace Marketplace. This is correct, despite the nomenclature difference.
![](https://files.readme.io/f901580-Step4.jpg)
- Provide a name for your tenant, then click Next.
![](https://files.readme.io/c8acaf1-Step5.jpg)
- Select a Response Action for Secure Access to apply to Google files found with malware, then click Next.
- Choose Monitor to cause Secure Access to log files detected with malware. You will be able to manually quarantine these files from the Cloud Malware report.
- Choose Quarantine to:
- Move the file into a folder named Cisco_Quarantine_Malware in the root path of the admin who authorized the tenant, remove all collaborators, and change the file owner to the Google admin.
- Replace the file in its original location with a text file named filename.ppt_Cisco_Quarantined.txt explaining to the original file owner that the file is identified as malware and for more information to contact their organization administrator.
![](https://files.readme.io/75649a0-Step6.jpg)
![](https://files.readme.io/e1026de-Step6.jpg)
- Enter a valid gmail address and then click Done.
![](https://files.readme.io/bdd511e-Step7.jpg)
![](https://files.readme.io/df37865-Step7.jpg)
- The new tenant will appear in the list under Cloud Malware.
![](https://files.readme.io/9fc10cf-Step8.jpg)
Edit a Tenant
You can change the Response Action you have selected for a tenant.
- Navigate to Admin > Authentication.
![](https://files.readme.io/e538e1b-authentication.png)
- Under Platforms, click Google.
- In the Cloud Malware section , under Action, click Edit. You can edit any tenant.
![](https://files.readme.io/2020e69-EditStep3.jpg)
- Select a Response Action for Secure Access to apply to Google files found with malware, then click Next.
- Choose Monitor to enable the logging of malware-infected files. You will be able to manually quarantine these files from the Cloud Malware report.
- Choose Quarantine to:
- Move the file into a folder named Cisco_Quarantine_Malware in the root path of the admin who authorized the tenant, remove all collaborators, and change the file owner to the Google admin.
- Replace the file in its original location with a text file named filename.ppt_Cisco_Quarantined.txt explaining to the original file owner that the file is identified as malware and for more information to contact their organization administrator.
![](https://files.readme.io/0b937f4-Step6.jpg)
- Click Done to continue.
![](https://files.readme.io/2817536-EditStep5.jpg)
- The new Response Action is displayed.
![](https://files.readme.io/dcd1555-EditStep6.jpg)
Revoke Authorization
- Under Action, click Revoke. You can revoke any authorized tenant.
![](https://files.readme.io/5be3fc5-RevokeStep1.jpg)
- Confirm to proceed. The selected tenant will no longer be authorized.
![](https://files.readme.io/3b6641d-RevokeStep2.jpg)
Enable Cloud Malware Protection for Webex Teams Tenants < Enable Cloud Malware Protection for Google Drive > Monitor Secure Access with Reports
Updated 4 months ago