1. Help Center
  2. K-12 Security & Compliance
  3. Google Workspace security and compliance

How to create and manage the phishing policy for Gmail?

Follow these steps to setup and manage the phishing policy for Gmail in SysCloud Security App:

1. Log in to the SysCloud Application.

2. Click “Safety, Security & Compliance”→“Create Policy.”

Create policy

3. Click “Phishing” on the left pane.

0. Click on the phishing option on the left pane

4. Click on the “VIEW AND EDIT POLICY” to customize the policy.

phishing 02-1

5. Create a name for the policy.

6. Select the scope for the policy i.e. the users you want to protect and click “NEXT.”

Select users

Note: For now, the phishing protection policy is limited to 50 users in your domain.

7. Choose additional users, to be excluded or included in the scope of the policy, and click “NEXT.”

Selected users

8.  Select the cloud service to protect. The phishing policy is available only for Gmail.

2. Select service to protect

9. Select whether you want to allow users to request exceptions on policy violations and click “Next."

4. Policy exceptions

10. Choose the team members to be notified in case of policy violations. You can also select whether the policy violations need to be included in the weekly and daily threat reports.

Violation notifications can be triggered based on the type of phishing violation detected. SysCloud app will classify phishing emails into one of the four:

    1. Phishing emails
    2. Suspicious emails
    3. Spam

Phishing  - incident reporting

11. Click “CREATE & ACTIVATE.”

Create and activate

Once the policy is active you will receive violation alerts based on your policy settings. Follow these steps to view and manage policy violations:

1.  Navigate to “Safety, Security & Compliance”→“Violations.”

11. Select violations

2.  Select “Phishing” on the left pane.

3. Click on the vertical ellipses on the right-hand side of the screen to view the violation or to share it with another user.

6. share violation

4. Select the violation(s) to perform the following actions:

    1. Request exception
    2. Mark as a false positive
    3. Dismiss
    4. Delete email(s)
    5. Mark as true positive

7. Actions