Anomaly detection in the G Suite alert center now in beta

What’s changing

Google is launching the beta of anomalous alert activity for Google Drive. Super admins and admins with delegated privileges for the alert center for G Suite will be alerted when potential data exfiltration risks occur based on unusual Google Drive behavior. Google’s machine learning models analyze security signals within Google Drive to detect potential security risks such as data exfiltration or policy violations related to unusual external file sharing and download behavior.

 

Who’s impacted

Admins only

Why you’d use it

Staying on top of activity that impacts the organization’s security is top of mind for most admins.

Once in beta, Google will proactively notify you of potential security risks including data exfiltration and unusual user behavior patterns that can otherwise be more difficult for security admins to discover.

Additionally, since the alert center integrates with the security center investigation tool for G Suite, organizations can directly launch remediation efforts from within the alert center.

How to get started

  • Admins: Sign up for the beta using this form.
  • End users: No action needed.

Additional details

With this beta program, Google is launching two new types of alerts:

  • Drive External Sharing Anomalous Activity alert: This alert informs security admins of potential data exfiltration risks based on unusual user Drive sharing behavior to external users.
  • Drive Download Anomalous Activity alert: This alert informs security admins of potential data exfiltration risks based on unusual user Drive downloading behavior.