Guides
Secure Access Help Center

Enable Cloud Access Security Broker Features for Google Drive

Secure Access supports two Cloud Access Security Broker (CASB) features for Google Drive:

  • Cloud Malware protection.
  • Detection of third-party cloud applications that have been granted OAuth-based permission to access a user's protected resources on Google Drive. For more information, see Third-Party Apps Report.

Table of Contents

Prerequisites

  • Full Admin user role. For more information, see Manage Accounts.
  • The person performing the authentication must be a Google Super Admin and have an active Google user license.
  • Chrome or Firefox is recommended with pop-up blockers/ad blockers disabled (only for the duration of authorization).
  • Secure Access DLP Connector (also known as the SaaS API Connector) must be installed in the tenant by a Google Admin User. We recommend using a service account for the installation.
  • For third-party app support, your Google Drive tenant scopes for admin.report.audit.readonly and admin.reports.usage.readonly must be enabled.

Limitation

  • A tenant that fails to authenticate cannot be deleted.

Authorize a Tenant

  1. Navigate to Admin > Authentication.
  1. Under SaaS API Platforms, click to expand Google.
  1. Under Cloud Access Security Broker click Authorize New Tenant to add a Google tenant to your Secure Access environment.
  1. In the Google Authorization dialog box, check the checkboxes to verify you meet the prerequisites, then click Next.
    Note: The link to the SaaS API Connector brings you to the Umbrella DLP Connector site in the Google Workspace Marketplace. This is correct, despite the nomenclature difference.
  1. Provide a name for your tenant, then click Next.
  1. Choose to authorize your Google Drive tenant for Cloud Malware protection, or CASB detection for third-party cloud applications, or both.

If you choose to authorize for Cloud Malware protection, you must also select a Response Action for Secure Access to apply to Google Drive files found with malware.

  • Choose Monitor to cause Secure Access to log files detected with malware. You will be able to manually quarantine these files from the Cloud Malware report.
  • Choose Quarantine to:
  • Move the file into a folder named Cisco_Quarantine_Malware in the root path of the admin who authorized the tenant, remove all collaborators, and change the file owner to the Google admin.
  • Replace the file in its original location with a text file named filename.ppt_Cisco_Quarantined.txt explaining to the original file owner that the file is identified as malware and for more information to contact their organization administrator.

After making your selections, click Next.

  1. Enter a valid gmail address and then click Done.
  1. The new tenant will appear in the list under Cloud Access Security Broker.

Edit a Tenant

You can change the Response Action you have selected for a tenant.

  1. Navigate to Admin > Authentication.
  1. Under SaaS API Platforms, click to expand Google.
  2. In the Cloud Access Security Broker section , under Action, click Edit. You can edit any tenant.
  1. Choose to authorize your Google Drive tenant for Cloud Malware protection, or CASB detection for third-party cloud applications, or both.

If you choose to authorize for Cloud Malware protection, you must also select a Response Action for Secure Access to apply to Google Drive files found with malware.

  • Choose Monitor to cause Secure Access to log files detected with malware. You will be able to manually quarantine these files from the Cloud Malware report.
  • Choose Quarantine to:
  • Move the file into a folder named Cisco_Quarantine_Malware in the root path of the admin who authorized the tenant, remove all collaborators, and change the file owner to the Google admin.
  • Replace the file in its original location with a text file named filename.ppt_Cisco_Quarantined.txt explaining to the original file owner that the file is identified as malware and for more information to contact their organization administrator.

After making your selections, click Next.

  1. Click Done to continue.
  1. The new Response Action is displayed.

Revoke Authorization

  1. Under Action, click Revoke. You can revoke any authorized tenant.
  1. Confirm to proceed. The selected tenant will no longer be authorized.

Enable Cloud Malware Protection for Dropbox Tenants < Enable Cloud Malware Protection for Google Drive > Enable Cloud Access Security Broker Protection for Microsoft 365 Tenants

Updated 20 days ago