Configures a list of Data Control rules to prevent data leaks.
Each rule consists of the following:
- Condition fields to trigger that rule. A rule will only trigger if a user action matches all the fields populated in its sources, destinations, and, or and not fields. For list sub-fields, only one entry needs to be matched, for example only one URL pattern needs to match to trigger the rule.
- A list of restrictions to be applied. Depending on the restriction, only sources or destinations conditions may be available.
Rules can be added to:
- Control the clipboard data shared between the sources and the destinations.
- Control blocking screenshots based on the source tabs.
If OnSecurityEventEnterpriseConnector policy is set to True, triggered rules are reported to the admin.
The restriction level can be set to BLOCK, WARN, or REPORT.
- If the restriction level is set to BLOCK, the action won't be allowed.
- If the restriction level is set to WARN, a user will be warned and may choose to proceed with or cancel the action.
- If the restriction level is set to REPORT, the user action will not be interrupted, but a report will be sent if OnSecurityEventEnterpriseConnector policy is enabled.
Notes:
- Format the URL patterns according to this format ( https://support.google.com/chrome/a?p=url_blocklist_filter_format ).
- For data leak prevention rules specific to Google ChromeOS, see also the DataLeakPreventionRulesList policy.
If the policy is left not set, no restrictions will be applied.
This policy is available only to users who have an assigned Chrome Enterprise Premium license.
Supported On:
Platform
Start
End
Chrome (Windows, Mac, Linux)
128
ChromeOS
128
Example value:
{"0":{"name":"Block copying from corp sites to OS","sources":{"urls":{"0":"salesforce.com","1":"gmail.com","2":"docs.google.com","3":"drive.google.com","4":"company.com"}},"description":"Block copying from internal sites to the OS clipboard","destinations":{"os_clipboard":true},"restrictions":{"0":{"class":"CLIPBOARD","level":"BLOCK"}}},"1":{"name":"Block copying between profiles","sources":{"incognito":false,"os_clipboard":false,"other_profile":false},"description":"Block copying from non-incognito to incognito between profiles or to the OS clipboard","destinations":{"incognito":true,"os_clipboard":true,"other_profile":true},"restrictions":{"0":{"class":"CLIPBOARD","level":"BLOCK"}}},"2":{"name":"Block Cat GPT","description":"Block copying to an AI site to avoid data leaks","destinations":{"urls":{"0":"cat.close.ai.com"}},"restrictions":{"0":{"class":"CLIPBOARD","level":"BLOCK"}}},"3":{"not":{"destinations":{"urls":{"0":"corp.com"}}},"description":"Block pasting in non corp sites using a not condition","restrictions":{"0":{"class":"CLIPBOARD","level":"BLOCK"}}},"4":{"and":{"0":{"destinations":{"incognito":true}},"1":{"not":{"destinations":{"urls":{"0":"corp.com"}}}}},"description":"Block pasting to incognito with an exception of corp sites","restrictions":{"0":{"class":"CLIPBOARD","level":"BLOCK"}}},"5":{"not":{"sources":{"urls":{"0":"corp.com"}}},"description":"Block copying from non corp sites using a not condition","restrictions":{"0":{"class":"CLIPBOARD","level":"BLOCK"}}},"6":{"and":{"0":{"sources":{"incognito":true}},"1":{"not":{"sources":{"urls":{"0":"corp.com"}}}}},"description":"Block copying from incognito with an exception of corp sites","restrictions":{"0":{"class":"CLIPBOARD","level":"BLOCK"}}},"7":{"and":{"0":{"sources":{"urls":{"0":"corp1.com","1":"corp2.com"}}},"1":{"or":{"0":{"not":{"destinations":{"urls":{"0":"corp1.com","1":"corp2.com"}}}},"1":{"destinations":{"os_clipboard":true}},"2":{"destinations":{"other_profile":true}}}}},"description":"Prevent clipboard data from leaving a specified set of corp sites","restrictions":{"0":{"class":"CLIPBOARD","level":"BLOCK"}}}}
Instinctive
