DLP for Google Drive
Cloudflare Data Loss Prevention can inspect upload and download traffic to and from Google Drive.
Configuring for compatibility
No additional configuration is required to scan Google Drive traffic in a browser.
To use Cloudflare DLP with the Google Drive desktop app, you will need to configure Google Drive for desktop to trust the Cloudflare root certificate. This can be done with a device manager.
You can perform DLP scanning on the Google Drive mobile app for iOS.
Android is not supported because the app uses certificate pinning. We recommend creating a Do Not Inspect policy so that the Google Drive app can continue to function on Android. To exempt the Google Drive Android app from Gateway inspection:
Set up an OS version device posture check that checks for the Android operating system.
Create the following HTTP policy in Gateway:
Selector Operator Value Passed Device Posture Checks in
OS Version Android
Google Drive (Do Not Inspect)
Android users can now use the Google Drive app, but the app traffic will bypass DLP inspection.
Supported file types
DLP for Google Drive supports the same file types as all other DLP scans. Supported formats include:
- Office documents (DOCX and XLSX)
- ZIP file containing plain text
- ZIP file containing office documents
Google Drive breaks large upload and download requests into multiple requests of size ≤ 280 MB. If your file is being transmitted as a ZIP and is broken into multiple requests, DLP cannot scan the internal files.